CVE-2023-38935
https://notcve.org/view.php?id=CVE-2023-38935
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetQosBand/README.md • CWE-787: Out-of-bounds Write •
CVE-2023-38936
https://notcve.org/view.php?id=CVE-2023-38936
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetSpeedWan/README.md • CWE-787: Out-of-bounds Write •
CVE-2023-38937
https://notcve.org/view.php?id=CVE-2023-38937
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetVirtualSer/README.md • CWE-787: Out-of-bounds Write •
CVE-2023-31587
https://notcve.org/view.php?id=CVE-2023-31587
Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. • https://github.com/yanbushuang/CVE/blob/main/TendaAC5.md https://www.tenda.com.cn/download/detail-2740.html https://www.tenda.com.cn/product/AC5.html •
CVE-2023-30368
https://notcve.org/view.php?id=CVE-2023-30368
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function. • https://github.com/2205794866/Tenda/blob/main/AC5/1.md • CWE-787: Out-of-bounds Write •