Filtered by vendor Tendacn
Subscriptions
Total
149 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-9138 | 1 Tendacn | 6 F1200, F1200 Firmware, F1202 and 3 more | 2024-11-21 | N/A |
There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass intended access restrictions by sending shell commands directly and reading their results, or by entering shell commands that change this router's username and password. | ||||
CVE-2024-50854 | 2 Tenda, Tendacn | 3 G3, G3, G3 Firmware | 2024-11-15 | 8.8 High |
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function. | ||||
CVE-2024-46628 | 2 Tenda, Tendacn | 3 G3 Firmware, G3, G3 Firmware | 2024-10-04 | 8 High |
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. | ||||
CVE-2024-42942 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the frmL7ImForm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42945 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromAddressNat function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42949 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42953 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the PPW parameter in the fromWizardHandle function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-42954 | 2 Tenda, Tendacn | 3 Fh1201 Firmware, Fh1201, Fh1201 Firmware | 2024-08-16 | 6.5 Medium |
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromwebExcptypemanFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
CVE-2024-7581 | 2 Tenda, Tendacn | 3 A301 Firmware, A301, A301 Firmware | 2024-08-07 | 8.8 High |
A vulnerability classified as critical has been found in Tenda A301 15.13.08.12. This affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation of the argument security leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. |