CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38936
https://notcve.org/view.php?id=CVE-2023-38936
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetSpeedWan/README.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1CVE-2023-38930
https://notcve.org/view.php?id=CVE-2023-38930
Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/addWifiMacFilter/README.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1CVE-2023-38935
https://notcve.org/view.php?id=CVE-2023-38935
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetQosBand/README.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2023-31587
https://notcve.org/view.php?id=CVE-2023-31587
Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. • https://github.com/yanbushuang/CVE/blob/main/TendaAC5.md https://www.tenda.com.cn/download/detail-2740.html https://www.tenda.com.cn/product/AC5.html •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30368
https://notcve.org/view.php?id=CVE-2023-30368
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function. • https://github.com/2205794866/Tenda/blob/main/AC5/1.md • CWE-787: Out-of-bounds Write •