CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 1CVE-2023-38823
https://notcve.org/view.php?id=CVE-2023-38823
20 Nov 2023 — Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. Vulnerabilidad de desbordamiento del búfer en Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 y v.1.0 permite a un atacante remoto ejecutar código arbitrario a través de la función formSetCfm en bin/httpd. • https://github.com/nhtri2003gmail/CVE_report/blob/master/CVE-2023-38823.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1CVE-2023-41552
https://notcve.org/view.php?id=CVE-2023-41552
30 Aug 2023 — Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set. • https://github.com/peris-navince/founded-0-days/blob/main/form_fast_setting_wifi_set/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1CVE-2023-41553
https://notcve.org/view.php?id=CVE-2023-41553
30 Aug 2023 — Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg. • https://github.com/peris-navince/founded-0-days/blob/main/fromSetRouteStatic/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-41554
https://notcve.org/view.php?id=CVE-2023-41554
30 Aug 2023 — Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet. • https://github.com/peris-navince/founded-0-days/blob/main/fromSetWirelessRepeat/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 1CVE-2023-41556
https://notcve.org/view.php?id=CVE-2023-41556
30 Aug 2023 — Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind. • https://github.com/peris-navince/founded-0-days/blob/main/fromSetIpMacBind/1.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 1CVE-2023-37716
https://notcve.org/view.php?id=CVE-2023-37716
14 Jul 2023 — Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromNatStaticSetting/report.md • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 1CVE-2023-37717
https://notcve.org/view.php?id=CVE-2023-37717
14 Jul 2023 — Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient. • https://github.com/FirmRec/IoT-Vulns/blob/main/tenda/fromDhcpListClient/repot.md • CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36571
https://notcve.org/view.php?id=CVE-2022-36571
31 Aug 2022 — Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting. Se ha detectado que Tenda AC9 versión V15.03.05.19, contiene un desbordamiento de pila por medio del parámetro mask en /goform/WanParameterSetting • https://github.com/CyberUnicornIoT/IoTvuln/blob/main/Tenda_ac9/2/tenda_ac9_WanParameterSetting.md • CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36570
https://notcve.org/view.php?id=CVE-2022-36570
31 Aug 2022 — Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg. Se ha detectado que Tenda AC9 versión V15.03.05.19, contenía un desbordamiento de pila por medio del parámetro time en /goform/SetLEDCfg • https://github.com/CyberUnicornIoT/IoTvuln/blob/main/Tenda_ac9/1/tenda_ac9_SetLEDCfg.md • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-36569
https://notcve.org/view.php?id=CVE-2022-36569
31 Aug 2022 — Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg. Se ha detectado que Tenda AC9 versión V15.03.05.19, contenía un desbordamiento de pila por el parámetro deviceList en /goform/setMacFilterCfg • https://github.com/CyberUnicornIoT/IoTvuln/blob/main/Tenda_ac9/4/tenda_ac9_setMacFilterCfg.md • CWE-787: Out-of-bounds Write •