CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2024-2806 – Tenda AC15 addWifiMacFilter stack-based overflow
https://notcve.org/view.php?id=CVE-2024-2806
22 Mar 2024 — A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This affects the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceId/deviceMac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC15/V1.0%20V15.03.20_multi/addWifiMacFilter_deviceId.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-39673
https://notcve.org/view.php?id=CVE-2023-39673
18 Aug 2023 — Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34(). Se ha descubierto que Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 contiene un desbordamiento de búfer a través de la función FUN_00010e34(). • https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC15%20Impoper%20Input%20Validation.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30369
https://notcve.org/view.php?id=CVE-2023-30369
24 Apr 2023 — Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. • https://github.com/2205794866/Tenda/blob/main/AC15/3.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30370
https://notcve.org/view.php?id=CVE-2023-30370
24 Apr 2023 — In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. • https://github.com/2205794866/Tenda/blob/main/AC15/7.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30371
https://notcve.org/view.php?id=CVE-2023-30371
24 Apr 2023 — In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. • https://github.com/2205794866/Tenda/blob/main/AC15/4.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30372
https://notcve.org/view.php?id=CVE-2023-30372
24 Apr 2023 — In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. • https://github.com/2205794866/Tenda/blob/main/AC15/10.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30373
https://notcve.org/view.php?id=CVE-2023-30373
24 Apr 2023 — In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. • https://github.com/2205794866/Tenda/blob/main/AC15/8.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30375
https://notcve.org/view.php?id=CVE-2023-30375
24 Apr 2023 — In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. • https://github.com/2205794866/Tenda/blob/main/AC15/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30376
https://notcve.org/view.php?id=CVE-2023-30376
24 Apr 2023 — In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. • https://github.com/2205794866/Tenda/blob/main/AC15/9.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30378
https://notcve.org/view.php?id=CVE-2023-30378
24 Apr 2023 — In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. • https://github.com/2205794866/Tenda/blob/main/AC15/5.md • CWE-787: Out-of-bounds Write •