CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-25428
https://notcve.org/view.php?id=CVE-2022-25428
18 Mar 2022 — Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function. Se ha detectado que Tenda AC9 versión v15.03.2.21, contiene un desbordamiento de pila por medio del parámetro deviceId en la función saveparentcontrolinfo • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/3 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-25431
https://notcve.org/view.php?id=CVE-2022-25431
18 Mar 2022 — Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function. Se ha detectado que Tenda AC9 versión v15.03.2.21, contiene múltiples desbordamientos de pila por medio de los parámetros NPTR, V12, V10 y V11 en la función Formsetqosband • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/4 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-25429
https://notcve.org/view.php?id=CVE-2022-25429
18 Mar 2022 — Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function. Se ha detectado que Tenda AC9 versión v15.03.2.21, contiene un desbordamiento de búfer por medio del parámetro time en la función saveparentcontrolinfo • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/1 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-25427
https://notcve.org/view.php?id=CVE-2022-25427
18 Mar 2022 — Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function. Se ha detectado que Tenda AC9 versión v15.03.2.21, contiene un desbordamiento de pila por medio del parámetro schedendtime en la función openSchedWifi • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/2 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-25418
https://notcve.org/view.php?id=CVE-2022-25418
22 Feb 2022 — Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi. Se ha detectado que Tenda AC9 versión V15.03.2.21_cn, contiene un desbordamiento de pila por medio de la función openSchedWifi • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/2 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-25417
https://notcve.org/view.php?id=CVE-2022-25417
22 Feb 2022 — Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo. Se ha detectado que Tenda AC9 versión V15.03.2.21_cn, contiene un desbordamiento de pila por medio de la función saveparentcontrolinfo • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/3 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-25414
https://notcve.org/view.php?id=CVE-2022-25414
22 Feb 2022 — Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR. Se ha detectado que Tenda AC9 versión V15.03.2.21_cn, contiene un desbordamiento de pila por medio del parámetro NPTR • https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC9/1 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 2CVE-2020-26728
https://notcve.org/view.php?id=CVE-2020-26728
11 Feb 2022 — A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request. Se ha detectado una vulnerabilidad en Tenda AC9 versión v3.0 V15.03.06.42_multi y Tenda AC9 versión V1.0 V15.03.05.19(6318)_CN que permite una ejecución de código remota por medio de metacaracteres de shell en el campo guestuser a la función __fastcall con una petició... • https://github.com/Lyc-heng/Router/blob/main/Tenda/rce1.md •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2018-14559
https://notcve.org/view.php?id=CVE-2018-14559
25 Apr 2019 — An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the list parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. Se de... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-02/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2018-14557
https://notcve.org/view.php?id=CVE-2018-14557
25 Apr 2019 — An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the page parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, a causing buffer overflow. Se de... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-03/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •