cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11745,https://securityvulnerability.io/vulnerability/CVE-2024-11745,Stack-Based Buffer Overflow Vulnerability in Tenda AC8 Product,"A critical vulnerability has been identified in the Tenda AC8 router, specifically within the 'route_static_check' function in the SetStaticRouteCfg file. This vulnerability manifests as a stack-based buffer overflow due to improper handling of argument lists. An attacker can exploit this flaw remotely, potentially leading to unauthorized access or other malicious actions. The exploit has been made public, heightening the urgency for users of the affected Tenda AC8 version 16.03.34.09 to implement protective measures immediately to safeguard their networks.",Tenda,Ac8,9.8,CRITICAL,0.0008699999889358878,false,false,false,true,true,false,false,2024-11-26T21:00:12.592Z,0
CVE-2024-10130,https://securityvulnerability.io/vulnerability/CVE-2024-10130,Stack-Based Buffer Overflow in Tenda AC8 Router,"A severe vulnerability has been discovered in the Tenda AC8 router, specifically in the formSetRebootTimer function located in the /goform/SetSysAutoRebbotCfg file. This vulnerability allows an attacker to manipulate the rebootTime argument, leading to a stack-based buffer overflow. With this exploit, attackers can initiate a remote attack, potentially compromising the router's integrity and user data. The issue has been made publicly known, and attempts to notify Tenda of this vulnerability have gone unanswered. Users of affected versions are strongly advised to implement immediate security measures to safeguard their networks.",Tenda,Ac8 Firmware,8.8,HIGH,0.0008999999845400453,false,false,false,false,,false,false,2024-10-18T22:15:00.000Z,0
CVE-2024-10123,https://securityvulnerability.io/vulnerability/CVE-2024-10123,Stack-Based Buffer Overflow in Tenda AC8 Router,"A significant vulnerability has been identified in the Tenda AC8 router, specifically in the compare_parentcontrol_time function located in the /goform/saveParentControlInfo file. This flaw can be exploited remotely, allowing an attacker to manipulate the 'time' argument, which leads to a stack-based buffer overflow. With this vulnerability, unauthorized users may execute arbitrary code, potentially compromising the integrity and security of affected systems. Early notifications were sent to Tenda regarding this security risk, but there has been no response to address the issue. Organizations utilizing the Tenda AC8 should evaluate their security posture and consider updates or mitigation strategies to protect against potential exploits.",Tenda,Ac8 Firmware,8.8,HIGH,0.0008999999845400453,false,false,false,false,,false,false,2024-10-18T20:15:00.000Z,0
CVE-2024-4066,https://securityvulnerability.io/vulnerability/CVE-2024-4066,Remote Stack-Based Buffer Overflow in Tenda AC8 Router,"A serious stack-based buffer overflow vulnerability has been identified in the Tenda AC8 router, specifically in the function 'fromAdvSetMacMtuWan' located in the /goform/AdvSetMacMtuWan file. This vulnerability arises from insufficient validation of input parameters such as 'wanMTU', 'wanSpeed', 'cloneType', 'mac', 'serviceName', and 'serverName'. Attackers can exploit this vulnerability remotely, potentially leading to unauthorized access and malicious control over the affected device. Despite attempts to inform Tenda, no response was received, allowing this critical vulnerability to pose an ongoing risk to users.",Tenda,Ac8,8.8,HIGH,0.00044999999227002263,false,false,false,true,true,false,false,2024-04-23T21:00:08.132Z,0
CVE-2024-4065,https://securityvulnerability.io/vulnerability/CVE-2024-4065,Buffer Overflow Vulnerability in Tenda AC8 Router,"A severe buffer overflow vulnerability exists in the Tenda AC8 router's remote management functionality. Specifically, the affected function, formSetRebootTimer, is located in the /goform/SetRebootTimer file. By manipulating the rebootTime parameter, attackers can trigger a stack-based buffer overflow remotely. Exploitation of this vulnerability could lead to unauthorized access and control over the device. Despite early disclosures to the vendor for remediation, there has been no response or mitigation from Tenda, increasing the risk for users. Hacked routers can lead to compromised networks, making timely updates and security assessments critical for device owners.",Tenda,Ac8,8.8,HIGH,0.00044999999227002263,false,false,false,true,true,false,false,2024-04-23T20:00:07.093Z,0
CVE-2024-4064,https://securityvulnerability.io/vulnerability/CVE-2024-4064,Stack-based Buffer Overflow in Tenda AC8 Router,"A critical vulnerability exists within the Tenda AC8 router that can be exploited via a stack-based buffer overflow. This security issue arises from improper handling of the 'password' argument in the R7WebsSecurityHandler function located in the /goform/execCommand file. Attackers can initiate a remote exploit, potentially allowing malicious entities to gain unauthorized access or control over the device. Despite early disclosure attempts to the vendor, Tenda has not provided any response or remediation information. Users of the Tenda AC8, particularly those running version 16.03.34.09, are strongly advised to assess their network security and apply any available mitigations to protect against potential exploitation.",Tenda,Ac8,8.8,HIGH,0.00044999999227002263,false,false,false,true,true,false,false,2024-04-23T20:00:05.584Z,0
CVE-2023-4744,https://securityvulnerability.io/vulnerability/CVE-2023-4744,Tenda AC8 formSetDeviceName stack-based overflow,"A vulnerability exists in Tenda AC8 routers, specifically in the function responsible for setting device names. This flaw allows for a stack-based buffer overflow, which can be triggered remotely by an attacker. The exploit, already disclosed to the public, poses significant security risks as it could potentially allow unauthorized access or execution of arbitrary code on the affected devices.",Tenda,Ac8,9.8,CRITICAL,0.0016400000313296914,false,false,false,false,,false,false,2023-09-04T00:15:00.000Z,0
CVE-2023-33673,https://securityvulnerability.io/vulnerability/CVE-2023-33673,Stack Overflow Vulnerability in Tenda AC8 Router,"A stack overflow vulnerability has been identified in the Tenda AC8 router, specifically in the formSetFirewallCfg function. This vulnerability arises from improper handling of the firewallEn parameter, allowing attackers to exploit this weakness to gain unauthorized access or disrupt the functionality of the affected device. Users of the Tenda AC8 V4.0 – V16.03.34.06 are advised to implement immediate security measures to mitigate the risk associated with this vulnerability.",Tenda,Ac8 Firmware,9.8,CRITICAL,0.0029899999499320984,false,false,false,false,,false,false,2023-06-02T00:00:00.000Z,0
CVE-2023-33675,https://securityvulnerability.io/vulnerability/CVE-2023-33675,Stack Overflow Vulnerability in Tenda AC8 Router,"The Tenda AC8 router is susceptible to a stack overflow vulnerability caused by improper handling of the time parameter in the get_parentControl_list_Info function. This flaw could lead to unauthorized remote code execution, compromising the device's integrity and potentially allowing an attacker to take control of the router. It is crucial for users to be aware of this vulnerability, implement necessary patches, and follow best practices for securing their devices to prevent exploitation.",Tenda,Ac8 Firmware,9.8,CRITICAL,0.0029899999499320984,false,false,false,false,,false,false,2023-06-02T00:00:00.000Z,0
CVE-2023-33672,https://securityvulnerability.io/vulnerability/CVE-2023-33672,Stack Overflow Vulnerability in Tenda AC8 Router,"A vulnerability has been found in the Tenda AC8 router related to a stack overflow in the shareSpeed parameter within the fromSetWifiGusetBasic function. This flaw could allow an attacker to exploit the stack overflow, potentially leading to system crashes or unauthorized code execution. It is crucial for users to remain vigilant and apply the necessary updates to mitigate the risks associated with this vulnerability.",Tenda,Ac8 Firmware,7.5,HIGH,0.0014700000174343586,false,false,false,false,,false,false,2023-06-02T00:00:00.000Z,0
CVE-2023-33671,https://securityvulnerability.io/vulnerability/CVE-2023-33671,Stack Overflow in Tenda AC8 Router Affects Device Control Features,"The Tenda AC8 router, specifically version V16.03.34.06, has been identified to contain a stack overflow vulnerability within the saveParentControlInfo function. This issue is triggered by the deviceId parameter, potentially allowing an attacker to exploit the vulnerability and impact the device's functionality and security. It is crucial for users to address this vulnerability to safeguard their network and connected devices.",Tenda,Ac8 Firmware,9.8,CRITICAL,0.0029899999499320984,false,false,false,false,,false,false,2023-06-02T00:00:00.000Z,0
CVE-2023-33670,https://securityvulnerability.io/vulnerability/CVE-2023-33670,Stack Overflow Vulnerability in Tenda AC8 Router,"The Tenda AC8 Router version V4.0 (V16.03.34.06) is susceptible to a stack overflow vulnerability due to insufficient validation of the time parameter in the sub_4a79ec function. Exploitation of this vulnerability may lead to potential remote code execution, allowing attackers to manipulate system behavior and gain unauthorized access. Users are advised to implement necessary updates and monitor for suspicious behavior to safeguard their network.",Tenda,Ac8 Firmware,9.8,CRITICAL,0.0029899999499320984,false,false,false,false,,false,false,2023-06-02T00:00:00.000Z,0
CVE-2023-33669,https://securityvulnerability.io/vulnerability/CVE-2023-33669,Stack Overflow Vulnerability in Tenda AC8 Router,"A stack overflow vulnerability was detected in the Tenda AC8V4.0 router, specifically in the sub_44db3c function triggered by the timeZone parameter. This flaw could potentially allow an attacker to execute arbitrary code, compromise the router, and gain unauthorized access to the network. Users should be aware of this vulnerability to enhance their network security and apply any available patches.",Tenda,Ac8 Firmware,9.8,CRITICAL,0.0021200000774115324,false,false,false,true,true,false,false,2023-06-02T00:00:00.000Z,0