cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11248,https://securityvulnerability.io/vulnerability/CVE-2024-11248,Stack-based Buffer Overflow in Tenda AC10 Router,"A significant vulnerability exists within the Tenda AC10 router, specifically in the formSetRebootTimer function located in the /goform/SetSysAutoRebbotCfg file. This vulnerability enables a stack-based buffer overflow due to improper handling of the rebootTime argument. The flaw permits threat actors to launch remote attacks, potentially leading to unauthorized access to the device. The disclosure of this exploit in public forums increases the urgency for device owners to address the vulnerability to safeguard their networks.",Tenda,Ac10 Firmware,8.8,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2024-11-15T17:15:00.000Z,0
CVE-2023-45479,https://securityvulnerability.io/vulnerability/CVE-2023-45479,,Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,false,false,false,,false,false,2023-11-29T00:00:00.000Z,0
CVE-2023-45480,https://securityvulnerability.io/vulnerability/CVE-2023-45480,,Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,false,false,false,,false,false,2023-11-29T00:00:00.000Z,0
CVE-2023-45481,https://securityvulnerability.io/vulnerability/CVE-2023-45481,,Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,false,false,false,,false,false,2023-11-29T00:00:00.000Z,0
CVE-2023-45482,https://securityvulnerability.io/vulnerability/CVE-2023-45482,Stack Overflow Vulnerability in Tenda AC10 Router,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically in the function responsible for retrieving parental control list information. This flaw allows attackers to manipulate the 'urls' parameter, potentially leading to unintended behavior and security breaches. Exploitation of this vulnerability could provide unauthorized access to sensitive settings, compromising the integrity and confidentiality of the device. It is crucial for users to apply updates and follow best security practices to mitigate the risks associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,false,false,false,,false,false,2023-11-29T00:00:00.000Z,0
CVE-2023-45484,https://securityvulnerability.io/vulnerability/CVE-2023-45484,,Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,false,false,false,,false,false,2023-11-29T00:00:00.000Z,0
CVE-2023-45483,https://securityvulnerability.io/vulnerability/CVE-2023-45483,,Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,false,false,false,,false,false,2023-11-29T00:00:00.000Z,0
CVE-2023-42320,https://securityvulnerability.io/vulnerability/CVE-2023-42320,,Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.006010000128298998,false,false,false,false,,false,false,2023-09-18T00:00:00.000Z,0
CVE-2023-38933,https://securityvulnerability.io/vulnerability/CVE-2023-38933,,"Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0017999999690800905,false,false,false,false,,false,false,2023-08-07T00:00:00.000Z,0
CVE-2023-38936,https://securityvulnerability.io/vulnerability/CVE-2023-38936,,"Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022499999031424522,false,false,false,false,,false,false,2023-08-07T00:00:00.000Z,0
CVE-2023-38937,https://securityvulnerability.io/vulnerability/CVE-2023-38937,,"Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0017999999690800905,false,false,false,false,,false,false,2023-08-07T00:00:00.000Z,0
CVE-2023-38931,https://securityvulnerability.io/vulnerability/CVE-2023-38931,Stack Overflow Vulnerability in Tenda AC Series Routers,"A stack overflow vulnerability has been identified in multiple Tenda AC series routers. This issue arises from improper handling of the list parameter within the setaccount function, potentially leading to unauthorized access and exploitation of device functionality. Users are advised to implement security measures to mitigate potential risks associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0017999999690800905,false,false,false,false,,false,false,2023-08-07T00:00:00.000Z,0
CVE-2023-37711,https://securityvulnerability.io/vulnerability/CVE-2023-37711,Stack Overflow in Tenda AC1206 and AC10 Devices,"A stack overflow vulnerability exists in the Tenda AC1206 and AC10 devices, specifically within the saveParentControlInfo function, which improperly processes the deviceId parameter. This flaw can potentially allow attackers to execute arbitrary code, compromising the integrity and security of the affected devices.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.001930000027641654,false,false,false,false,,false,false,2023-07-10T00:00:00.000Z,0
CVE-2023-37710,https://securityvulnerability.io/vulnerability/CVE-2023-37710,Stack Overflow Vulnerability in Tenda AC1206 and AC10 Products,"The Tenda AC1206 and AC10 devices have been found to be susceptible to a stack overflow vulnerability that occurs in the wpapsk_crypto parameter within the fromSetWirelessRepeat function. This flaw can potentially be exploited to compromise device security, allowing unauthorized access and manipulation of sensitive settings.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.001930000027641654,false,false,false,false,,false,false,2023-07-10T00:00:00.000Z,0
CVE-2023-37144,https://securityvulnerability.io/vulnerability/CVE-2023-37144,Command Injection Vulnerability in Tenda AC10 Router,"The Tenda AC10 router, specifically version 15.03.06.26, is prone to a command injection vulnerability that arises from improper validation of the 'mac' parameter within the 'formWriteFacMac' function. This security flaw allows an attacker to execute arbitrary commands on the device, potentially compromising the router's integrity and allowing unauthorized access. Users are advised to update their devices promptly to mitigate the risk posed by this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.005659999791532755,false,false,false,false,,false,false,2023-07-07T00:00:00.000Z,0
CVE-2023-34567,https://securityvulnerability.io/vulnerability/CVE-2023-34567,,Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.,Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-06-08T00:00:00.000Z,0
CVE-2023-34571,https://securityvulnerability.io/vulnerability/CVE-2023-34571,,Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet.,Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-06-08T00:00:00.000Z,0
CVE-2023-34569,https://securityvulnerability.io/vulnerability/CVE-2023-34569,,Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.,Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-06-08T00:00:00.000Z,0
CVE-2023-34570,https://securityvulnerability.io/vulnerability/CVE-2023-34570,,Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName.,Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-06-08T00:00:00.000Z,0
CVE-2023-34566,https://securityvulnerability.io/vulnerability/CVE-2023-34566,Stack Overflow in Tenda AC10 Router Affects Home Network Security,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically in the firmware version US_AC10V4.0si_V16.03.10.13_cn. This vulnerability occurs via a parameter input at the /goform/saveParentControlInfo endpoint, potentially allowing an attacker to exploit the router and manipulate its operations. Users are advised to update their firmware to mitigate risks associated with this security flaw.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,false,false,false,,false,false,2023-06-08T00:00:00.000Z,0
CVE-2023-34568,https://securityvulnerability.io/vulnerability/CVE-2023-34568,,Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.,Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2023-06-08T00:00:00.000Z,0
CVE-2023-27018,https://securityvulnerability.io/vulnerability/CVE-2023-27018,Stack Overflow Vulnerability in Tenda AC10 Router,"The Tenda AC10 Router has a vulnerability that can be exploited through a stack overflow in the sub_45EC1C function. An attacker can leverage this flaw to execute arbitrary code or trigger a Denial of Service (DoS) by sending specially crafted payloads, potentially compromising the device's functionality and security.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.002630000002682209,false,false,false,false,,false,false,2023-04-07T02:15:00.000Z,0
CVE-2023-27012,https://securityvulnerability.io/vulnerability/CVE-2023-27012,Stack Overflow Vulnerability in Tenda AC10 Router,"The Tenda AC10 router has been identified to contain a stack overflow vulnerability within the setSchedWifi function. This flaw enables malicious actors to disrupt service by executing a crafted payload, resulting in a Denial of Service (DoS) condition or potentially allowing arbitrary code execution. It is critical for users to be aware of this vulnerability to safeguard their network devices against potential threats.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.002570000011473894,false,false,false,false,,false,false,2023-04-07T02:15:00.000Z,0
CVE-2023-27013,https://securityvulnerability.io/vulnerability/CVE-2023-27013,Stack Overflow Vulnerability in Tenda AC10 Router,The Tenda AC10 Router is susceptible to a stack overflow vulnerability in the get_parentControl_list_Info function. This flaw can be exploited by attackers to cause a Denial of Service (DoS) condition or potentially execute arbitrary code through a specially crafted payload. Users of the affected product should be aware of this security risk and take appropriate measures to mitigate potential attacks.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.002570000011473894,false,false,false,false,,false,false,2023-04-07T02:15:00.000Z,0
CVE-2023-27014,https://securityvulnerability.io/vulnerability/CVE-2023-27014,Stack Overflow Vulnerability in Tenda AC10 Router,"A vulnerability exists in the Tenda AC10 Router where the sub_46AC38 function is susceptible to stack overflow attacks. By sending specially crafted payloads to the device, attackers can potentially disrupt service, leading to Denial of Service (DoS) conditions, or even execute arbitrary code. This flaw emphasizes the importance of ensuring that routers are kept up-to-date and secured against possible exploits.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.002570000011473894,false,false,false,false,,false,false,2023-04-07T02:15:00.000Z,0