CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-33180
https://notcve.org/view.php?id=CVE-2024-33180
16 Jul 2024 — Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo. Se descubrió que Tenda AC18 V15.03.3.10_EN contiene una vulnerabilidad de desbordamiento del búfer basada en pila a través del parámetro deviceId en ip/goform/saveParentControlInfo. • https://palm-vertebra-fe9.notion.site/saveParentControlInfo_1-7c9695d0251945ae8006db705b9b80ac • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33181
https://notcve.org/view.php?id=CVE-2024-33181
16 Jul 2024 — Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter. Se descubrió que Tenda AC18 V15.03.3.10_EN contiene una vulnerabilidad de desbordamiento del búfer basada en pila a través del parámetro deviceMac en ip/goform/addWifiMacFilter. • https://palm-vertebra-fe9.notion.site/addWifiMacFilter_2-0f7fab42d4254867b46fe92b25dc7c40 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2024-33182
https://notcve.org/view.php?id=CVE-2024-33182
16 Jul 2024 — Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter. Se descubrió que Tenda AC18 V15.03.3.10_EN contiene una vulnerabilidad de desbordamiento del búfer basada en pila a través del parámetro deviceId en ip/goform/addWifiMacFilter. • https://palm-vertebra-fe9.notion.site/addWifiMacFilter_1-067fa6984f0d4933b88c63efd7486479 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2CVE-2022-40862
https://notcve.org/view.php?id=CVE-2022-40862
23 Sep 2022 — Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting Los routers Tenda AC15 y AC18 versiones V15.03.05.19 contienen una vulnerabilidad de desbordamiento de pila en la función fromNatStaticSetting con la petición /goform/NatStaticSetting • https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/fromNatStaticSetting.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2CVE-2022-40864
https://notcve.org/view.php?id=CVE-2022-40864
23 Sep 2022 — Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet Los routers Tenda AC15 y AC18 versiones V15.03.05.19, contienen vulnerabilidades de desbordamiento de pila en la función setSmartPowerManagement con la petición /goform/PowerSaveSet • https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/setSmartPowerManagement.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2CVE-2022-40865
https://notcve.org/view.php?id=CVE-2022-40865
23 Sep 2022 — Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/ Los routers Tenda AC15 y AC18 V15.03.05.19, contienen vulnerabilidades de desbordamiento de pila en la función setSchedWifi con la petición /goform/openSchedWifi/ • https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/setSchedWifi.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2CVE-2022-40869
https://notcve.org/view.php?id=CVE-2022-40869
23 Sep 2022 — Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). Los routers Tenda AC15 y AC18 V15.03.05.19, contienen vulnerabilidades de desbordamiento de pila en la función fromDhcpListClient con un parámetro combinado "list*" ("%s%d", "list"). • https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/fromDhcpListClient-list.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1CVE-2022-38326
https://notcve.org/view.php?id=CVE-2022-38326
15 Sep 2022 — Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. Se ha detectado que los routers WiFi Tenda AC15 V15.03.05.19_multi y AC18 V15.03.05.19_multi, contienen un desbordamiento de búfer por medio del parámetro de página en /goform/NatStaticSetting • https://github.com/1160300418/Vuls/blob/main/Tenda/AC/Vul_NatStaticSetting.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1CVE-2022-38325
https://notcve.org/view.php?id=CVE-2022-38325
15 Sep 2022 — Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile. Se ha detectado que los routers WiFi Tenda AC15 versión V15.03.05.19_multi y AC18 versión V15.03.05.19_multi, contienen un desbordamiento de búfer por medio del parámetro filePath en /goform/expandDlnaFile • https://github.com/1160300418/Vuls/blob/main/Tenda/AC/Vul_expandDlnaFile.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 54%CPEs: 3EXPL: 1CVE-2022-31446
https://notcve.org/view.php?id=CVE-2022-31446
14 Jun 2022 — Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac. Se ha detectado que el router Tenda AC18 versiones V15.03.05.19 y V15.03.05.05, contiene una vulnerabilidad de ejecución de código remota (RCE) por medio del parámetro Mac en ip/goform/WriteFacMac • https://github.com/wshidamowang/Router/blob/main/Tenda/AC18/RCE_1.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •