Tendacn: community verdicts
8 notable / known-exploited Tendacn CVEs the community has triaged.
- CVE-2022-32386CRIT 9.8EPSS 11%
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
- CVE-2022-32385CRIT 9.8Real · low riskEPSS 2%
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
- CVE-2021-31624HIGH 8.8Real · low riskEPSS 1%
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.
- CVE-2021-31627HIGH 8.8Real · low riskEPSS 1%
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.
- CVE-2022-37176CRIT 9.8Real · low riskEPSS 1%
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.
- CVE-2022-32384HIGH 8.8Real · low riskEPSS 1%
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
- CVE-2022-36552HIGH 7.5Real · low riskEPSS 1%
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request.
- CVE-2022-36233MED 5.5EPSS 0%
Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd.