CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25215
https://notcve.org/view.php?id=CVE-2023-25215
07 Apr 2023 — Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC5/3/3.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25216
https://notcve.org/view.php?id=CVE-2023-25216
07 Apr 2023 — Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC5/9/9.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25217
https://notcve.org/view.php?id=CVE-2023-25217
07 Apr 2023 — Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC5/10/10.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25218
https://notcve.org/view.php?id=CVE-2023-25218
07 Apr 2023 — Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC5/8/8.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25219
https://notcve.org/view.php?id=CVE-2023-25219
07 Apr 2023 — Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC5/11/11.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25220
https://notcve.org/view.php?id=CVE-2023-25220
07 Apr 2023 — Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. • https://github.com/DrizzlingSun/Tenda/blob/main/AC5/7/7.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-44971
https://notcve.org/view.php?id=CVE-2021-44971
28 Jan 2022 — Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE. Múltiples dispositivos Tenda están afectados por una omisión de autenticación, como AC15V1.0 Firmware versión V15.03.05.20_multi... AC5V1.0 Firmware versión V15.03.06.48_multi, etc. un atacante puede obtener información confidencial, e i... • http://ac15v10.com • CWE-697: Incorrect Comparison •