CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-26805
https://notcve.org/view.php?id=CVE-2023-26805
Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBindModify. • https://github.com/Stevenbaga/fengsha/blob/main/W20E/formIPMacBindModify.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-26806
https://notcve.org/view.php?id=CVE-2023-26806
Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime, • https://github.com/Stevenbaga/fengsha/blob/main/W20E/SetSysTime.md • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1CVE-2023-27240
https://notcve.org/view.php?id=CVE-2023-27240
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip parameter at /goform/AdvSetLanip. • https://github.com/yjzy00001/CVE/blob/main/vuln/rce/readme.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27239
https://notcve.org/view.php?id=CVE-2023-27239
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the shareSpeed parameter at /goform/WifiGuestSet. • https://github.com/yjzy00001/CVE/blob/main/vuln/WifiGuestSet/readme.md • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27062
https://notcve.org/view.php?id=CVE-2023-27062
Tenda V15V1.0 was discovered to contain a buffer overflow vulnerability via the gotoUrl parameter in the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. • https://github.com/didi-zhiyuan/vuln/blob/main/iot/Tenda/W15EV1/formPortalAuth.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •