Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tendacn vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-45990
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows malicious users to execute arbitrary commands via the pic_name parameter.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
7.5
CVSSv3
CVE-2022-24164
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows malicious users to cause a Denial of Service (DoS) via the DnsHijackRule parameter.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
9.8
CVSSv3
CVE-2022-24165
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows malicious users to execute arbitrary commands via the qvlanIP parameter.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
7.5
CVSSv3
CVE-2021-45992
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetQvlanList. This vulnerability allows malicious users to cause a Denial of Service (DoS) via the qvlanName parameter.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
5.4
CVSSv3
CVE-2018-14497
Tenda D152 ADSL routers allow XSS via a crafted SSID.
Tendacn D152 Firmware -
1 EDB exploit
9.8
CVSSv3
CVE-2022-37176
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows malicious users to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
Tendacn Ac6 Firmware
8.8
CVSSv3
CVE-2021-31624
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows malicious users to execute arbitrary code via the urls parameter.
Tendacn Ac9 Firmware
7.5
CVSSv3
CVE-2019-16412
In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.)
Tendacn N301 Firmware -
8.8
CVSSv3
CVE-2021-31627
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows malicious users to execute arbitrary code via the index parameter.
Tendacn Ac9 Firmware
9.8
CVSSv3
CVE-2018-5768
A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header.
Tendacn Ac15 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »