CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10750 – Tenda i22 SysToo websReadEvent null pointer dereference
https://notcve.org/view.php?id=CVE-2024-10750
04 Nov 2024 — A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. • https://github.com/xiaobor123/tenda-vul-i22 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7585 – Tenda i22 apPortalAuth formApPortalWebAuth buffer overflow
https://notcve.org/view.php?id=CVE-2024-7585
07 Aug 2024 — A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalWebAuth • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7584 – Tenda i22 apPortalPhoneAuth formApPortalPhoneAuth buffer overflow
https://notcve.org/view.php?id=CVE-2024-7584
07 Aug 2024 — A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the argument data leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalPhoneAuth • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7583 – Tenda i22 apPortalOneKeyAuth formApPortalOneKeyAuth buffer overflow
https://notcve.org/view.php?id=CVE-2024-7583
07 Aug 2024 — A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalOneKeyAuth • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7582 – Tenda i22 apPortalAccessCodeAuth formApPortalAccessCodeAuth buffer overflow
https://notcve.org/view.php?id=CVE-2024-7582
07 Aug 2024 — A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/BeaCox/IoT_vuln/tree/main/tenda/i22/ApPortalAccessCodeAuth • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4252 – Tenda i22 formSetUrlFilterRule stack-based overflow
https://notcve.org/view.php?id=CVE-2024-4252
27 Apr 2024 — A vulnerability classified as critical has been found in Tenda i22 1.0.0.3(4687). This affects the function formSetUrlFilterRule. The manipulation of the argument groupIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-262143. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/i/i22/formSetUrlFilterRule.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45665
https://notcve.org/view.php?id=CVE-2022-45665
20 Dec 2022 — Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. Se descubrió que Tenda i22 V1.0.0.3(4687) contenía un desbordamiento del búfer a través del parámetro funcpara1 en la función formSetCfm. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formSetCfm/formWifiMacFilterSet.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45666
https://notcve.org/view.php?id=CVE-2022-45666
20 Dec 2022 — Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. Se descubrió que Tenda i22 V1.0.0.3(4687) contenía un desbordamiento del búfer a través del parámetro list en la función formwrlSSIDset. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formwrlSSIDset/formwrlSSIDset.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45663
https://notcve.org/view.php?id=CVE-2022-45663
02 Dec 2022 — Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. Se descubrió que Tenda i22 V1.0.0.3(4687) contenía un desbordamiento de búfer a través del parámetro de índice en la función formWifiMacFilterSet. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formWifiMacFilterSet/formWifiMacFilterSet.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45664
https://notcve.org/view.php?id=CVE-2022-45664
02 Dec 2022 — Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function. Se descubrió que Tenda i22 V1.0.0.3(4687) contenía un desbordamiento de búfer a través del parámetro list en la función formwrlSSIDget. • https://github.com/Double-q1015/CVE-vulns/blob/main/tenda_i22/formwrlSSIDget/formWifiMacFilterGet.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •