CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-10351 – Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow
https://notcve.org/view.php?id=CVE-2024-10351
24 Oct 2024 — A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. • https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/setMacFilterCfg.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-10283 – Tenda RX9/RX9 Pro SetNetControlList sub_4337EC stack-based overflow
https://notcve.org/view.php?id=CVE-2024-10283
23 Oct 2024 — A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetNetControlList.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 1CVE-2024-10282 – Tenda RX9/RX9 Pro SetVirtualServerCfg sub_42EA38 stack-based overflow
https://notcve.org/view.php?id=CVE-2024-10282
23 Oct 2024 — A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetVirtualServerCfg.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 1CVE-2024-10281 – Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow
https://notcve.org/view.php?id=CVE-2024-10281
23 Oct 2024 — A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://gitee.com/GXB0_0/iot-vul/blob/master/Tenda/RX9/20/SetStaticRouteCfg.md • CWE-121: Stack-based Buffer Overflow •