CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18727
https://notcve.org/view.php?id=CVE-2018-18727
28 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceList' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, ... • https://github.com/ZIllR0/Routers/blob/master/Tenda/stack1.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18729
https://notcve.org/view.php?id=CVE-2018-18729
28 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow. Se ha descubierto un problema en dispositivos Tenda AC... • https://github.com/ZIllR0/Routers/blob/master/Tenda/heapoverflow1.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 1CVE-2018-18728
https://notcve.org/view.php?id=CVE-2018-18728
28 Oct 2018 — An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request. Se ha descubierto un problema en dispositivos Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN y AC18 V15.03.05.19(6318)_CN. Permiten la ejecución remota de código mediante metacaracteres shell en el campo usbName en la función __fastcall con una petición PO... • https://github.com/ZIllR0/Routers/blob/master/Tenda/rce1.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18731
https://notcve.org/view.php?id=CVE-2018-18731
28 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac' parameter for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, ... • https://github.com/ZIllR0/Routers/blob/master/Tenda/stack4.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18732
https://notcve.org/view.php?id=CVE-2018-18732
28 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, A... • https://github.com/ZIllR0/Routers/blob/master/Tenda/stack2.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18709
https://notcve.org/view.php?id=CVE-2018-18709
27 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "firewallEn" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, AC9 ... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-08/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18706
https://notcve.org/view.php?id=CVE-2018-18706
27 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromDhcpListClient" for a request, it is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-06/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18708
https://notcve.org/view.php?id=CVE-2018-18708
27 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Ten... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-05/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-18707
https://notcve.org/view.php?id=CVE-2018-18707
27 Oct 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function. Se ha descubierto un problema en dispositivos Tenda AC7 V15.03.06.44_CN, AC9 V15.03... • https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-07/Tenda.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 1CVE-2018-16333
https://notcve.org/view.php?id=CVE-2018-16333
02 Sep 2018 — An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. Se ha descubierto un problema en dispositivos Tenda AC7 V... • https://github.com/ZIllR0/Routers/blob/master/Tenda/oob1.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •