CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities

Filtered by vendor Tenda Subscriptions

Total 938 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-40893	1 Tenda	2 Ac8v4, Ac8v4 Firmware	2024-11-21	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.
CVE-2023-40892	1 Tenda	2 Ac8v4, Ac8v4 Firmware	2024-11-21	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi.
CVE-2023-40891	1 Tenda	2 Ac8v4, Ac8v4 Firmware	2024-11-21	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg.
CVE-2023-40848	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
CVE-2023-40847	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
CVE-2023-40846	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.
CVE-2023-40845	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
CVE-2023-40844	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
CVE-2023-40843	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
CVE-2023-40842	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
CVE-2023-40841	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
CVE-2023-40840	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
CVE-2023-40839	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands.
CVE-2023-40838	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.
CVE-2023-40837	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute commands.
CVE-2023-40830	1 Tenda	2 Ac6, Ac6 Firmware	2024-11-21	9.8 Critical
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
CVE-2023-40802	1 Tenda	2 Ac23, Ac23 Firmware	2024-11-21	6.5 Medium
The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn
CVE-2023-40801	1 Tenda	2 Ac23, Ac23 Firmware	2024-11-21	8.8 High
The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn
CVE-2023-40800	1 Tenda	2 Ac23, Ac23 Firmware	2024-11-21	8.8 High
The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
CVE-2023-40799	1 Tenda	2 Ac23, Ac23 Firmware	2024-11-21	9.8 Critical
Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.

« first previous Page 15 of 47. next last »