CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 2CVE-2022-40865
https://notcve.org/view.php?id=CVE-2022-40865
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/ Los routers Tenda AC15 y AC18 V15.03.05.19, contienen vulnerabilidades de desbordamiento de pila en la función setSchedWifi con la petición /goform/openSchedWifi/ • https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/setSchedWifi.md https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/setSchedWifi.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 2CVE-2022-40869
https://notcve.org/view.php?id=CVE-2022-40869
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). Los routers Tenda AC15 y AC18 V15.03.05.19, contienen vulnerabilidades de desbordamiento de pila en la función fromDhcpListClient con un parámetro combinado "list*" ("%s%d", "list"). • https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/fromDhcpListClient-list.md https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/fromDhcpListClient-list.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-37175
https://notcve.org/view.php?id=CVE-2022-37175
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. Tenda ac15 firmware V15.03.05.18, el servidor httpd presenta desbordamiento de búfer de pila en /goform/formWifiBasicSet. • https://drive.google.com/file/d/16hshiCHS8j3YaFPkQD3xajVuwu_QVBe3/view https://www.cnblogs.com/Amalll/p/16527552.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44352
https://notcve.org/view.php?id=CVE-2021-44352
A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind. Existe una vulnerabilidad de desbordamiento del búfer basada en la pila en el dispositivo Tenda AC15 V15.03.05.18_multi a través del parámetro list en una solicitud posterior en goform/SetIpMacBind • https://github.com/zhlu32/cve/blob/main/tenda/Tenda-ac15-buffer-overflow.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 38%CPEs: 2EXPL: 1CVE-2020-15916
https://notcve.org/view.php?id=CVE-2020-15916
goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. El endpoint goform/AdvSetLanip en los dispositivos Tenda AC15 AC1900 versiones 15.03.05.19, permite a atacantes remotos ejecutar comandos arbitrarios del sistema por medio de metacaracteres de shell en el parámetro lanIp POST • https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •