Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tendacn vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-22079
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote malicious users to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.
Tendacn Ac10u Firmware 15.03.06.48 Multi Tde01
Tendacn Ac9 Firmware 15.03.05.19\\(6318\\)
Tendacn Ac9 Firmware 15.03.06.42 Multi
10
CVSSv2
CVE-2021-27691
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote malicious users to execute arbitrary OS commands via a crafted ...
Tendacn G0 Firmware 15.11.0.5\\(5876\\) Cn
Tendacn G0 Firmware 15.11.0.6\\(9039\\) Cn
Tendacn G1 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
9
CVSSv2
CVE-2018-16334
An issue exists on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
Tendacn Ac10 Firmware
Tendacn Ac9 Firmware 15.03.05.19
10
CVSSv2
CVE-2021-27692
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote malicious users to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPar...
Tendacn G1 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.16\\(9024\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
10
CVSSv2
CVE-2022-31446
Tenda AC18 router V15.03.05.19 and V15.03.05.05 exists to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
Tendacn Ac18 Firmware 15.03.05.05
Tendacn Ac18 Firmware 15.03.05.19
7.2
CVSSv2
CVE-2019-5071
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the...
Tendacn Ac9v1.0 Firmware 15.03.05.16multitru
Tendacn Ac9v1.0 Firmware 15.03.05.14 En
4.6
CVSSv2
CVE-2019-5072
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). A specially crafted HTTP POST request can cause a command injection in the...
Tendacn Ac9v1.0 Firmware 15.03.05.16multitru
Tendacn Ac9v1.0 Firmware 15.03.05.14 En
NA
CVE-2022-40862
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting
Tendacn Ac15 Firmware 15.03.05.19
Tendacn Ac18 Firmware 15.03.05.19
NA
CVE-2022-40864
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet
Tendacn Ac15 Firmware 15.03.05.19
Tendacn Ac18 Firmware 15.03.05.19
NA
CVE-2022-38325
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.
Tendacn Ac15 Firmware 15.03.05.19 Multi
Tendacn Ac18 Firmware 15.03.05.19 Multi
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »