Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tendacn vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-0932
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The...
Tendacn Ac10u Firmware 15.03.06.49 Multi Tde01
9.8
CVSSv3
CVE-2021-38278
Tenda AC10-1200 v15.03.06.23_EN exists to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.
Tendacn Ac10 Firmware 15.03.06.23
9.8
CVSSv3
CVE-2018-5767
An issue exists on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.
Tendacn Ac15 Firmware 15.03.1.16
1 EDB exploit
2 Github repositories
9.8
CVSSv3
CVE-2021-45401
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to t...
Tendacn Ac10u Firmware 15.03.06.49 Multi
9.8
CVSSv3
CVE-2023-40942
Tenda AC9 V3.0BR_V15.03.06.42_multi_TD01 exists stack overflow via parameter 'firewall_value' at url /goform/SetFirewallCfg.
Tendacn Ac9 Firmware 15.03.06.42 Multi Td0
9.8
CVSSv3
CVE-2021-44352
A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.
Tendacn Ac15 Firmware 15.03.05.18 Multi
2 Github repositories
7.2
CVSSv3
CVE-2020-28093
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234.
Tendacn Ac1200 Firmware 15.03.06.51
1 Github repository
7.5
CVSSv3
CVE-2020-28094
On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning.
Tendacn Ac1200 Firmware 15.03.06.51
1 Github repository
9.8
CVSSv3
CVE-2023-37144
Tenda AC10 v15.03.06.26 exists to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
Tendacn Ac10 Firmware 15.03.06.26
7.5
CVSSv3
CVE-2021-38772
Tenda AC10-1200 v15.03.06.23_EN exists to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
Tendacn Ac10 Firmware 15.03.06.23
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »