| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. |
| A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the argument qos results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. |
| Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters. |
| Tenda G1V3.1si V16.01.7.8 Firmware V16.01.7.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. |
| Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. |
| A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. |
| Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId. |
| A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used. |
| A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. |
| A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used. |
| A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local network. The exploit has been publicly disclosed and may be utilized. |
| A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. |
| A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. |
| A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key
. It is possible to initiate the attack remotely. |
| A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key
. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. |
| A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. |
| A vulnerability has been found in Tenda AC10 16.03.10.10_multi_TDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possible to launch the attack remotely. Multiple endpoints might be affected. |
| A flaw has been found in Tenda i12 1.0.0.11(3862). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wl_radio causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. |
| A vulnerability was found in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this vulnerability is the function fromSysToolChangePwd of the file /bin/httpd. Performing a manipulation of the argument sys.userpass results in stack-based buffer overflow. The attack can be initiated remotely. |
| A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected. |
