CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4252 – Tenda i22 formSetUrlFilterRule stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4252
A vulnerability classified as critical has been found in Tenda i22 1.0.0.3(4687). This affects the function formSetUrlFilterRule. The manipulation of the argument groupIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-262143. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i22/formSetUrlFilterRule.md https://vuldb.com/?ctiid.262143 https://vuldb.com/?id.262143 https://vuldb.com/?submit.319840 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45665
https://notcve.org/view.php?id=CVE-2022-45665
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. Se descubrió que Tenda i22 V1.0.0.3(4687) contenía un desbordamiento del búfer a través del parámetro funcpara1 en la función formSetCfm. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formSetCfm/formWifiMacFilterSet.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45666
https://notcve.org/view.php?id=CVE-2022-45666
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. Se descubrió que Tenda i22 V1.0.0.3(4687) contenía un desbordamiento del búfer a través del parámetro list en la función formwrlSSIDset. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formwrlSSIDset/formwrlSSIDset.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45669
https://notcve.org/view.php?id=CVE-2022-45669
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function. Se descubrió que Tenda i22 V1.0.0.3(4687) contenía un desbordamiento de búfer a través del parámetro index en la función formWifiMacFilterGet. • https://github.com/ConfusedChenSir/VulnerabilityProjectRecords/blob/main/formWifiMacFilterGet/formWifiMacFilterGet.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45667
https://notcve.org/view.php?id=CVE-2022-45667
Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. Tenda i22 V1.0.0.3(4687) es vulnerable a Cross-Site Request Forgery (CSRF) a través de la función deSysToolRestoreSet. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/fromSysToolRestoreSet/fromSysToolRestoreSet.md • CWE-352: Cross-Site Request Forgery (CSRF) •