CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2898 – Tenda AC7 SetStaticRouteCfg fromSetRouteStatic stack-based overflow
https://notcve.org/view.php?id=CVE-2024-2898
A vulnerability classified as critical was found in Tenda AC7 15.03.06.44. Affected by this vulnerability is the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/fromSetRouteStatic.md https://vuldb.com/?ctiid.257941 https://vuldb.com/?id.257941 https://vuldb.com/?submit.300361 • CWE-121: Stack-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2897 – Tenda AC7 WriteFacMac formWriteFacMac os command injection
https://notcve.org/view.php?id=CVE-2024-2897
A vulnerability classified as critical has been found in Tenda AC7 15.03.06.44. Affected is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/formWriteFacMac.md https://vuldb.com/?ctiid.257940 https://vuldb.com/?id.257940 https://vuldb.com/?submit.300360 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2896 – Tenda AC7 WifiWpsStart formWifiWpsStart stack-based overflow
https://notcve.org/view.php?id=CVE-2024-2896
A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. This issue affects the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/formWifiWpsStart.md https://vuldb.com/?ctiid.257939 https://vuldb.com/?id.257939 https://vuldb.com/?submit.300359 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2895 – Tenda AC7 WifiWpsOOB formWifiWpsOOB stack-based overflow
https://notcve.org/view.php?id=CVE-2024-2895
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. This vulnerability affects the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be initiated remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/formWifiWpsOOB.md https://vuldb.com/?ctiid.257938 https://vuldb.com/?id.257938 https://vuldb.com/?submit.300358 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2894 – Tenda AC7 SetNetControlList formSetQosBand stack-based overflow
https://notcve.org/view.php?id=CVE-2024-2894
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. This affects the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/formSetQosBand.md https://vuldb.com/?ctiid.257937 https://vuldb.com/?id.257937 https://vuldb.com/?submit.300357 • CWE-121: Stack-based Buffer Overflow •