Page 2 of 16 results (0.006 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability. • https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_4781A4 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the file /bin/ate of the component Service Port 7329. The manipulation of the argument v2 leads to command injection. The attack can be initiated remotely. • https://github.com/xinzhihen06/ac23tenda/blob/main/tendaAC23.md https://vuldb.com/?ctiid.228778 https://vuldb.com/?id.228778 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/jingping911/tendaAC23overflow/blob/main/README.md https://vuldb.com/?ctiid.220640 https://vuldb.com/?id.220640 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. Se descubrió que Tenda AC23 V16.03.07.45_cn contenía un desbordamiento de pila a través del parámetro timeZone en la función fromSetSysTime. • https://github.com/ppcrab/IOT_FIRMWARE/blob/main/Tenda/ac23/ac23.md#fromsetsystimesub_496104strcpychar-v6-s • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. Se descubrió que Tenda AC23 V16.03.07.45_cn contenía un desbordamiento de pila a través del parámetro shareSpeed en la función fromSetWifiGusetBasic. • https://github.com/ppcrab/IOT_FIRMWARE/blob/main/Tenda/ac23/ac23.md#fromsetwifigusetbasic • CWE-787: Out-of-bounds Write •