Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tendacn vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2022-24167
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetDMZ. This vulnerability allows malicious users to execute arbitrary commands via the dmzHost1 parameter.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
668
VMScore
CVE-2022-24170
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows malicious users to execute arbitrary commands via the IPsecLocalNet and IPsecRemoteNet parameters.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
694
VMScore
CVE-2022-24172
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDhcpBindRule. This vulnerability allows malicious users to cause a Denial of Service (DoS) via the addDhcpRules parameter.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
694
VMScore
CVE-2021-45989
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows malicious users to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters.
Tendacn G1 Firmware 15.11.0.17\\(9502\\) Cn
Tendacn G3 Firmware 15.11.0.17\\(9502\\) Cn
NA
CVE-2022-37176
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows malicious users to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
Tendacn Ac6 Firmware
605
VMScore
CVE-2020-24987
Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck() function in /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI Interface ...
Tendacn Ac18 Firmware
355
VMScore
CVE-2018-14497
Tenda D152 ADSL routers allow XSS via a crafted SSID.
Tendacn D152 Firmware -
1 EDB exploit
694
VMScore
CVE-2019-16412
In goform/setSysTools on Tenda N301 wireless routers, attackers can trigger a device crash via a zero wanMTU value. (Prohibition of this zero value is only enforced within the GUI.)
Tendacn N301 Firmware -
NA
CVE-2022-36552
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows malicious users to steal all data such as source code and system files via a crafted GET request.
Tendacn Ac6 Firmware
890
VMScore
CVE-2018-5768
A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header.
Tendacn Ac15 Firmware -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »