Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tendacn vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-5770
An issue exists on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device that are root accounts, which can be...
Tendacn Ac15 Firmware -
6.8
CVSSv2
CVE-2020-24987
Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck() function in /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI Interface ...
Tendacn Ac18 Firmware
NA
CVE-2022-37176
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows malicious users to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
Tendacn Ac6 Firmware
7.8
CVSSv2
CVE-2021-38772
Tenda AC10-1200 v15.03.06.23_EN exists to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
Tendacn Ac10 Firmware 15.03.06.23
6.5
CVSSv2
CVE-2020-20746
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote malicious users to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg.
Tendacn Ac9 Firmware 15.03.06.60 En
7.5
CVSSv2
CVE-2018-5767
An issue exists on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.
Tendacn Ac15 Firmware 15.03.1.16
1 EDB exploit
2 Github repositories
7.5
CVSSv2
CVE-2021-45401
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to t...
Tendacn Ac10u Firmware 15.03.06.49 Multi
3.5
CVSSv2
CVE-2018-20373
Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client.
Tendacn Adsl Firmware 1.0.1
NA
CVE-2023-44016
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 exists to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
Tendacn Ac10u Firmware 15.03.06.49 Multi Tde01
NA
CVE-2023-44017
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 exists to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
Tendacn Ac10u Firmware 15.03.06.49 Multi Tde01
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »