CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1CVE-2023-38935
https://notcve.org/view.php?id=CVE-2023-38935
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetQosBand/README.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-37711
https://notcve.org/view.php?id=CVE-2023-37711
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function. • https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/saveParentControlInfo • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-37712
https://notcve.org/view.php?id=CVE-2023-37712
Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function. • https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/fromSetIpBind • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-37710
https://notcve.org/view.php?id=CVE-2023-37710
Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the fromSetWirelessRepeat function. • https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/fromSetWirelessRepeat • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-42078
https://notcve.org/view.php?id=CVE-2022-42078
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. Tenda AC1206 versión US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 es vulnerable a un ataque de tipo Cross Site Request Forgery (CSRF) por medio de la función fromSysToolRestoreSet • https://github.com/tianhui999/myCVE/blob/main/AC1206/AC1206-2.md • CWE-352: Cross-Site Request Forgery (CSRF) •