A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function.
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function.
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function getIptvInfo.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.
A vulnerability was found in Tenda O5 1.0.0.8(5017). It has been classified as critical. This affects the function fromSafeSetMacFilter of the file /goform/setMacFilterList. The manipulation of the argument remark/type/time leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formSetUplinkInfo.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function getIptvInfo.
Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade.
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a stack overflow via the function formWifiMacFilterSet.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formResetMeshNode.
Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setFixTools.
Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition.
Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode.
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formRebootMeshNode.
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg.
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formUpgradeMeshOnline.
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the parameter list.
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function.
A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set.
Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule.
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.