CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44023
https://notcve.org/view.php?id=CVE-2023-44023
27 Sep 2023 — Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. Se descubrió que Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 contenía un desbordamiento de la pila de memoria a través del parámetro ssid en la función form_fast_setting_wifi_set. • https://github.com/aixiao0621/Tenda/blob/main/AC10U/4/0.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-40942
https://notcve.org/view.php?id=CVE-2023-40942
07 Sep 2023 — Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 was discovered stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg. Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 se descubrió un desbordamiento de pila a través del parámetro 'firewall_value' en url /goform/SetFirewallCfg. • https://github.com/GleamingEyes/vul/blob/main/tenda_ac9/SetFirewallCfg.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 13%CPEs: 2EXPL: 1CVE-2023-37144
https://notcve.org/view.php?id=CVE-2023-37144
07 Jul 2023 — Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac. • https://github.com/DaDong-G/Vulnerability_info/blob/main/ac10_command_injection/Readme.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45643
https://notcve.org/view.php?id=CVE-2022-45643
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento de búfer a través del parámetro deviceId en la función addWifiMacFilter. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/addWifiMacFilter_deviceId/addWifiMacFilter_deviceId.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45644
https://notcve.org/view.php?id=CVE-2022-45644
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento del búfer a través del parámetro deviceId en la función formSetClientState. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetClientState_deviceId/formSetClientState_deviceId.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45645
https://notcve.org/view.php?id=CVE-2022-45645
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento de búfer a través del parámetro deviceMac en la función addWifiMacFilter. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/addWifiMacFilter_deviceMac/addWifiMacFilter_derviceMac.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45646
https://notcve.org/view.php?id=CVE-2022-45646
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento de búfer a través del parámetro limitSpeedUp en la función formSetClientState. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetClientState_limitSpeedUp/formSetClientState_limitSpeed.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45647
https://notcve.org/view.php?id=CVE-2022-45647
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento de búfer a través del parámetro limitSpeed en la función formSetClientState. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetClientState_limitSpeed/formSetClientState_limitSpeed.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45648
https://notcve.org/view.php?id=CVE-2022-45648
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento de búfer a través del parámetro devName en la función formSetDeviceName. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetDeviceName/formSetDeviceName.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45649
https://notcve.org/view.php?id=CVE-2022-45649
02 Dec 2022 — Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function. Se descubrió que Tenda AC6V1.0 V15.03.05.19 contenía un desbordamiento de búfer a través del parámetro endIp en la función formSetPPTPServer. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_ac6/formSetPPTPServer_endIp/formSetPPTPServer_endIp.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •