CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34570
https://notcve.org/view.php?id=CVE-2023-34570
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName. • https://hackmd.io/%400dayResearch/S1eI91_l2 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34567
https://notcve.org/view.php?id=CVE-2023-34567
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg. • https://hackmd.io/%400dayResearch/H1xUqzfHh • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34566
https://notcve.org/view.php?id=CVE-2023-34566
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo. • https://hackmd.io/%400dayResearch/rk8hQf5rh • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-33530
https://notcve.org/view.php?id=CVE-2023-33530
There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management privileges, they can inject commands gaining shell privileges. • http://tenda.com https://github.com/D2y6p/CVE/blob/main/tenda/CVE-2023-33530/RCE2/tenda_G103_RCE_2.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-33669
https://notcve.org/view.php?id=CVE-2023-33669
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function. • https://github.com/DDizzzy79/Tenda-CVE/blob/main/AC8V4.0/N1/README.md https://github.com/DDizzzy79/Tenda-CVE/tree/main/AC8V4.0/N1 • CWE-787: Out-of-bounds Write •