CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40847
https://notcve.org/view.php?id=CVE-2023-40847
30 Aug 2023 — Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check. Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin es vulnerable al desbordamiento del búfer a través de la función "initIpAddrInfo". En la función, lee un parámetro proporcionado por el usuario, y la variable se pasa a la función sin ninguna comprobación de longitud. • https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/12/12.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40848
https://notcve.org/view.php?id=CVE-2023-40848
30 Aug 2023 — Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858." Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin es vulnerable al desbordamiento del búfer a través de la función "sub_7D858". • https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/11/11.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-40846
https://notcve.org/view.php?id=CVE-2023-40846
28 Aug 2023 — Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998. • https://github.com/XYIYM/Digging/blob/main/Tenda/AC6/bof/9/9.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-39670
https://notcve.org/view.php?id=CVE-2023-39670
18 Aug 2023 — Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets. Se ha descubierto que Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 contiene un desbordamiento de búfer a través de la función fgets. • https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC6%20buffer%20overflow.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38931
https://notcve.org/view.php?id=CVE-2023-38931
07 Aug 2023 — Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/cloudv2_setaccount/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38933
https://notcve.org/view.php?id=CVE-2023-38933
07 Aug 2023 — Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetClientState/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38936
https://notcve.org/view.php?id=CVE-2023-38936
07 Aug 2023 — Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetSpeedWan/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 1CVE-2023-38937
https://notcve.org/view.php?id=CVE-2023-38937
07 Aug 2023 — Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetVirtualSer/README.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45641
https://notcve.org/view.php?id=CVE-2022-45641
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg. Tenda AC6V1.0 V15.03.05.19 es vulnerable al desbordamiento de búfer a través de formSetMacFilterCfg. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetMacFilterCfg/formSetMacFilterCfg.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45643
https://notcve.org/view.php?id=CVE-2022-45643
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento de búfer a través del parámetro deviceId en la función addWifiMacFilter. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/addWifiMacFilter_deviceId/addWifiMacFilter_deviceId.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •