Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tendacn vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-22079
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote malicious users to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.
Tendacn Ac10u Firmware 15.03.06.48 Multi Tde01
Tendacn Ac9 Firmware 15.03.05.19\\(6318\\)
Tendacn Ac9 Firmware 15.03.06.42 Multi
9.8
CVSSv3
CVE-2021-27691
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote malicious users to execute arbitrary OS commands via a crafted ...
Tendacn G0 Firmware 15.11.0.5\\(5876\\) Cn
Tendacn G0 Firmware 15.11.0.6\\(9039\\) Cn
Tendacn G1 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
8.8
CVSSv3
CVE-2018-16334
An issue exists on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
Tendacn Ac10 Firmware
Tendacn Ac9 Firmware 15.03.05.19
9.8
CVSSv3
CVE-2021-27692
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote malicious users to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPar...
Tendacn G1 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
9.8
CVSSv3
CVE-2022-40869
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").
Tendacn Ac15 Firmware 15.03.05.19
Tendacn Ac18 Firmware 15.03.05.19
9.8
CVSSv3
CVE-2022-38325
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.
Tendacn Ac15 Firmware 15.03.05.19 Multi
Tendacn Ac18 Firmware 15.03.05.19 Multi
1 Github repository
9.8
CVSSv3
CVE-2022-38326
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.
Tendacn Ac15 Firmware 15.03.05.19 Multi
Tendacn Ac18 Firmware 15.03.05.19 Multi
1 Github repository
9.8
CVSSv3
CVE-2022-31446
Tenda AC18 router V15.03.05.19 and V15.03.05.05 exists to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
Tendacn Ac18 Firmware 15.03.05.05
Tendacn Ac18 Firmware 15.03.05.19
9.8
CVSSv3
CVE-2022-40862
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting
Tendacn Ac15 Firmware 15.03.05.19
Tendacn Ac18 Firmware 15.03.05.19
9.8
CVSSv3
CVE-2022-40864
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet
Tendacn Ac15 Firmware 15.03.05.19
Tendacn Ac18 Firmware 15.03.05.19
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »