Filtered by vendor Tendacn Subscriptions
Total 149 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-13392 1 Tendacn 8 Ac15, Ac15 Firmware, Ac18 and 5 more 2024-11-21 9.8 Critical
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
CVE-2020-13391 1 Tendacn 8 Ac15, Ac15 Firmware, Ac18 and 5 more 2024-11-21 9.8 Critical
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
CVE-2020-13390 1 Tendacn 8 Ac15, Ac15 Firmware, Ac18 and 5 more 2024-11-21 9.8 Critical
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
CVE-2020-13389 1 Tendacn 8 Ac15, Ac15 Firmware, Ac18 and 5 more 2024-11-21 9.8 Critical
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
CVE-2019-5072 1 Tendacn 2 Ac1200 Smart Dual-band Gigabit Wifi, Ac9v1.0 Firmware 2024-11-21 7.8 High
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS2 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.
CVE-2019-5071 1 Tendacn 2 Ac1200 Smart Dual-band Gigabit Wifi, Ac9v1.0 Firmware 2024-11-21 7.8 High
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the DNS1 post parameters, resulting in code execution. An attacker can send HTTP POST request with command to trigger this vulnerability.
CVE-2019-19506 1 Tendacn 2 Pa6, Pa6 Firmware 2024-11-21 7.5 High
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot.
CVE-2019-19505 1 Tendacn 2 Pa6, Pa6 Firmware 2024-11-21 8.8 High
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVE-2019-16412 1 Tendacn 2 N301, N301 Firmware 2024-11-21 7.5 High
In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.)
CVE-2019-16213 1 Tendacn 2 Pa6, Pa6 Firmware 2024-11-21 8.8 High
Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges.
CVE-2018-7561 2 Tenda, Tendacn 2 Ac9, Ac9 Firmware 2024-11-21 N/A
Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-5770 1 Tendacn 2 Ac15, Ac15 Firmware 2024-11-21 N/A
An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device that are root accounts, which can be used to log in.
CVE-2018-5768 1 Tendacn 2 Ac15, Ac15 Firmware 2024-11-21 N/A
A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header.
CVE-2018-5767 1 Tendacn 2 Ac15, Ac15 Firmware 2024-11-21 N/A
An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.
CVE-2018-20373 1 Tendacn 2 Adsl, Adsl Firmware 2024-11-21 N/A
Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client.
CVE-2018-16334 1 Tendacn 4 Ac10, Ac10 Firmware, Ac9 and 1 more 2024-11-21 N/A
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
CVE-2018-16333 1 Tendacn 10 Ac10, Ac10 Firmware, Ac15 and 7 more 2024-11-21 N/A
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow.
CVE-2018-14497 1 Tendacn 2 D152, D152 Firmware 2024-11-21 N/A
Tenda D152 ADSL routers allow XSS via a crafted SSID.
CVE-2018-14492 1 Tendacn 10 Ac10, Ac10 Firmware, Ac15 and 7 more 2024-11-21 N/A
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2017-9139 1 Tendacn 6 F1200, F1200 Firmware, F1202 and 3 more 2024-11-21 N/A
There is a stack-based buffer overflow on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). Crafted POST requests to an unspecified URL result in DoS, interrupting the HTTP service (used to login to the web UI of a router) for 1 to 2 seconds.