CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40830
https://notcve.org/view.php?id=CVE-2023-40830
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. Tenda AC6 v15.03.05.19 es vulnerable al desbordamiento del búfer ya que el parámetro Índice no verifica la longitud. • https://reference1.example.com/goform/WifiWpsOOB • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-42320
https://notcve.org/view.php?id=CVE-2023-42320
Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function. La vulnerabilidad de Desbordamiento de Búfer en Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 permite a un atacante remoto provocar una denegación de servicio a través del parámetro mac en la función GetParentControlInfo. • https://github.com/aixiao0621/Tenda/blob/main/AC10/0.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4498 – Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router
https://notcve.org/view.php?id=CVE-2023-4498
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only Tenda N300 Wireless N VDSL2 Modem Router permite el acceso no autenticado a páginas que a su vez deberían ser accesibles solo para usuarios autenticados • https://kb.cert.org/vuls/id/304455 • CWE-287: Improper Authentication •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40546
https://notcve.org/view.php?id=CVE-2021-40546
Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin permite a atacantes (que tienen la contraseña de administrador) provocar una denegación de servicio (caída del dispositivo) a través de una cadena larga en el parámetro wifiPwd_5G en /goform/setWifi. • https://github.com/doudoudedi/buffer_overflow/blob/main/Tenda%20AC6%20V4.0-Denial%20of%20Service%20Vulnerability.md • CWE-404: Improper Resource Shutdown or Release •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-4744 – Tenda AC8 formSetDeviceName stack-based overflow
https://notcve.org/view.php?id=CVE-2023-4744
A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. • https://github.com/GleamingEyes/vul/blob/main/tenda_ac8/ac8_1.md https://vuldb.com/?ctiid.238633 https://vuldb.com/?id.238633 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •