
CVE-2022-25429
https://notcve.org/view.php?id=CVE-2022-25429
18 Mar 2022 — Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. Se ha detectado que Tenda AC9 versión v15.03.2.21, contiene un desbordamiento de búfer por medio del parámetro time en la función saveparentcontrolinfo • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/1 • CWE-787: Out-of-bounds Write •

CVE-2022-25427
https://notcve.org/view.php?id=CVE-2022-25427
18 Mar 2022 — Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. Se ha detectado que Tenda AC9 versión v15.03.2.21, contiene un desbordamiento de pila por medio del parámetro schedendtime en la función openSchedWifi • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/2 • CWE-787: Out-of-bounds Write •

CVE-2022-25418
https://notcve.org/view.php?id=CVE-2022-25418
22 Feb 2022 — Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi. Se ha detectado que Tenda AC9 versión V15.03.2.21_cn, contiene un desbordamiento de pila por medio de la función openSchedWifi • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/2 • CWE-787: Out-of-bounds Write •

CVE-2022-25417
https://notcve.org/view.php?id=CVE-2022-25417
22 Feb 2022 — Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo. Se ha detectado que Tenda AC9 versión V15.03.2.21_cn, contiene un desbordamiento de pila por medio de la función saveparentcontrolinfo • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/3 • CWE-787: Out-of-bounds Write •

CVE-2022-25414
https://notcve.org/view.php?id=CVE-2022-25414
22 Feb 2022 — Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR. Se ha detectado que Tenda AC9 versión V15.03.2.21_cn, contiene un desbordamiento de pila por medio del parámetro NPTR • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/1 • CWE-787: Out-of-bounds Write •

CVE-2021-31627
https://notcve.org/view.php?id=CVE-2021-31627
29 Oct 2021 — Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. Una vulnerabilidad de desbordamiento del búfer en Tenda versiones AC9 V1.0 hasta V15.03.05.19(6318), y AC9 V3.0 V15.03.06.42_multi, permite a atacantes ejecutar código arbitrario por medio del parámetro index • http://tenda.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2021-31624
https://notcve.org/view.php?id=CVE-2021-31624
29 Oct 2021 — Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. Una vulnerabilidad de desbordamiento del búfer en Tenda versiones AC9 V1.0 hasta V15.03.05.19(6318), y AC9 V3.0 V15.03.06.42_multi, permite a atacantes ejecutar código arbitrario por medio del parámetro urls • http://tenda.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2018-14559
https://notcve.org/view.php?id=CVE-2018-14559
25 Apr 2019 — An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the list parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. Se de... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-02/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2018-14557
https://notcve.org/view.php?id=CVE-2018-14557
25 Apr 2019 — An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the page parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, a causing buffer overflow. Se de... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-03/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2018-14558 – Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2018-14558
30 Oct 2018 — An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Se ha descubierto un problema en dispositivos Tenda AC7 con firmwa... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-01/Tenda.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •