CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4117 – Tenda W15E DelPortMapping formDelPortMapping stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4117
A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. Affected by this issue is the function formDelPortMapping of the file /goform/DelPortMapping. The manipulation of the argument portMappingIndex leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/formDelPortMapping.md https://vuldb.com/?ctiid.261860 https://vuldb.com/?id.261860 https://vuldb.com/?submit.317822 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4116 – Tenda W15E DelDhcpRule formDelDhcpRule stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4116
A vulnerability has been found in Tenda W15E 15.11.0.14 and classified as critical. Affected by this vulnerability is the function formDelDhcpRule of the file /goform/DelDhcpRule. The manipulation of the argument delDhcpIndex leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/formDelDhcpRule.md https://vuldb.com/?ctiid.261859 https://vuldb.com/?id.261859 https://vuldb.com/?submit.317819 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4115 – Tenda W15E AddDnsForward formAddDnsForward stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4115
A vulnerability, which was classified as critical, was found in Tenda W15E 15.11.0.14. Affected is the function formAddDnsForward of the file /goform/AddDnsForward. The manipulation of the argument DnsForwardRule leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/W15Ev1.0/formAddDnsForward.md https://vuldb.com/?ctiid.261858 https://vuldb.com/?id.261858 https://vuldb.com/?submit.317818 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27062
https://notcve.org/view.php?id=CVE-2023-27062
Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. • https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formPortalAuth.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27065
https://notcve.org/view.php?id=CVE-2023-27065
Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the picName parameter in the formDelWewifiPi function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. • https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formDelWewifiPic.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •