CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38933
https://notcve.org/view.php?id=CVE-2023-38933
07 Aug 2023 — Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetClientState/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 1CVE-2023-38930
https://notcve.org/view.php?id=CVE-2023-38930
07 Aug 2023 — Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/addWifiMacFilter/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 1CVE-2023-38934
https://notcve.org/view.php?id=CVE-2023-38934
07 Aug 2023 — Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) was discovered to contain a stack overflow via the deviceId parameter in the formSetDeviceName function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetDeviceName/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38931
https://notcve.org/view.php?id=CVE-2023-38931
07 Aug 2023 — Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/cloudv2_setaccount/README.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 1CVE-2023-38940
https://notcve.org/view.php?id=CVE-2023-38940
07 Aug 2023 — Tenda F1203 V2.0.1.6, FH1203 V2.0.1.6 and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. • https://github.com/FirmRec/IoT-Vulns/tree/main/tenda/form_fast_setting_wifi_set • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-38936
https://notcve.org/view.php?id=CVE-2023-38936
07 Aug 2023 — Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/formSetSpeedWan/README.md • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-46542
https://notcve.org/view.php?id=CVE-2022-46542
20 Dec 2022 — Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/addressNat. Se descubrió que Tenda F1203 V2.0.1.6 contenía un desbordamiento del búfer a través del parámetro de página en /goform/addressNat. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/fromAddressNat_page/fromAddressNat_page.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-46541
https://notcve.org/view.php?id=CVE-2022-46541
20 Dec 2022 — Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set. Se descubrió que Tenda F1203 V2.0.1.6 contenía un desbordamiento del búfer a través del parámetro ssid en /goform/fast_setting_wifi_set. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/form_fast_setting_wifi_set/form_fast_setting_wifi_set.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-46551
https://notcve.org/view.php?id=CVE-2022-46551
20 Dec 2022 — Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the time parameter at /goform/saveParentControlInfo. Se descubrió que Tenda F1203 V2.0.1.6 contenía un desbordamiento del búfer a través del parámetro de tiempo en /goform/saveParentControlInfo. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/saveParentControlInfo_time/saveParentControlInfo_time.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-46549
https://notcve.org/view.php?id=CVE-2022-46549
20 Dec 2022 — Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo. Se descubrió que Tenda F1203 V2.0.1.6 contenía un desbordamiento del búfer a través del parámetro deviceId en /goform/saveParentControlInfo. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_f1203/saveParentControlInfo_deviceId/saveParentControlInfo_deviceId.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •