CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 1CVE-2023-38823
https://notcve.org/view.php?id=CVE-2023-38823
20 Nov 2023 — Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. Vulnerabilidad de desbordamiento del búfer en Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 y v.1.0 permite a un atacante remoto ejecutar código arbitrario a través de la función formSetCfm en bin/httpd. • https://github.com/nhtri2003gmail/CVE_report/blob/master/CVE-2023-38823.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-42659
https://notcve.org/view.php?id=CVE-2021-42659
24 May 2022 — There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. Se presenta una vulnerabilidad de desbordamiento de búfer en el servidor web httpd del router en los dispositivos de router Tenda, como Tenda AC9 versión V1.0 V15.03.02.19(6318) y Tenda AC9 versión V3.0 V15.03.06.... • https://github.com/Lyc-heng/routers/blob/main/routers/stack4.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 2CVE-2020-26728
https://notcve.org/view.php?id=CVE-2020-26728
11 Feb 2022 — A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request. Se ha detectado una vulnerabilidad en Tenda AC9 versión v3.0 V15.03.06.42_multi y Tenda AC9 versión V1.0 V15.03.05.19(6318)_CN que permite una ejecución de código remota por medio de metacaracteres de shell en el campo guestuser a la función __fastcall con una petició... • https://github.com/Lyc-heng/Router/blob/main/Tenda/rce1.md •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-31627
https://notcve.org/view.php?id=CVE-2021-31627
29 Oct 2021 — Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. Una vulnerabilidad de desbordamiento del búfer en Tenda versiones AC9 V1.0 hasta V15.03.05.19(6318), y AC9 V3.0 V15.03.06.42_multi, permite a atacantes ejecutar código arbitrario por medio del parámetro index • http://tenda.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-31624
https://notcve.org/view.php?id=CVE-2021-31624
29 Oct 2021 — Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. Una vulnerabilidad de desbordamiento del búfer en Tenda versiones AC9 V1.0 hasta V15.03.05.19(6318), y AC9 V3.0 V15.03.06.42_multi, permite a atacantes ejecutar código arbitrario por medio del parámetro urls • http://tenda.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 5%CPEs: 6EXPL: 1CVE-2020-22079
https://notcve.org/view.php?id=CVE-2020-22079
29 Oct 2021 — Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg. Un desbordamiento del búfer en la región stack de la memoria en el router AC-10U AC1200 de Tenda versión US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01, permite a atacantes remotos ejecutar código arbitrario por medio del parámetro timeZone de goform/SetSysTimeCfg • https://cwe.mitre.org/data/definitions/121.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 1CVE-2020-13389
https://notcve.org/view.php?id=CVE-2020-13389
22 May 2020 — An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a funct... • https://joel-malwarebenchmark.github.io • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 2CVE-2020-13390
https://notcve.org/view.php?id=CVE-2020-13390
22 May 2020 — An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An at... • https://joel-malwarebenchmark.github.io • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 2CVE-2020-13391
https://notcve.org/view.php?id=CVE-2020-13391
22 May 2020 — An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can con... • https://joel-malwarebenchmark.github.io • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 10EXPL: 2CVE-2020-13392
https://notcve.org/view.php?id=CVE-2020-13392
22 May 2020 — An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construc... • https://joel-malwarebenchmark.github.io • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •