cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-50854,https://securityvulnerability.io/vulnerability/CVE-2024-50854,Stack Overflow Vulnerability in Tenda G3 from Tenda,"A stack overflow vulnerability has been found in Tenda G3 v3.0 v15.11.0.20 through the formSetPortMapping function. This flaw can potentially allow an attacker to execute arbitrary code or disrupt the normal operation of the device, raising significant security concerns for users relying on this product for secure networking. Proper mitigations and patches are required to safeguard against potential exploitation.",Tenda,G3 Firmware,8.8,HIGH,0.0004900000058114529,false,false,false,false,,false,false,2024-11-13T15:15:00.000Z,0
CVE-2024-50853,https://securityvulnerability.io/vulnerability/CVE-2024-50853,Command Injection Vulnerability in Tenda G3 Router Firmware,"The Tenda G3 router running firmware version 3.0 v15.11.0.20 contains a command injection vulnerability within the formSetDebugCfg function. This flaw allows an attacker to inject arbitrary commands into the system, which could lead to unauthorized access and manipulation of device configurations. Such vulnerabilities pose significant risks, potentially enabling attackers to execute harmful commands that could compromise the router’s integrity and the security of the network it supports. Users of Tenda G3 routers are advised to review their device settings and apply any available security updates to mitigate the risks associated with this vulnerability.",Tenda,G3 Firmware,8.8,HIGH,0.0006200000061653554,false,false,false,false,,false,false,2024-11-13T15:15:00.000Z,0
CVE-2024-50852,https://securityvulnerability.io/vulnerability/CVE-2024-50852,Command Injection Vulnerability in Tenda G3 Router,"The Tenda G3 v3.0 v15.11.0.20 is vulnerable to a command injection issue through the formSetUSBPartitionUmount function. This vulnerability may allow attackers to execute arbitrary commands on the router, compromising the integrity and availability of the device. Proper remediation mechanisms should be considered to ensure device security and protect against unauthorized access.",Tenda,G3 Firmware,8.8,HIGH,0.0006200000061653554,false,false,false,false,,false,false,2024-11-13T15:15:00.000Z,0
CVE-2024-46628,https://securityvulnerability.io/vulnerability/CVE-2024-46628,Remote Code Execution Vulnerability in Tenda G3 Router by Tenda,"The Tenda G3 Router firmware v15.03.05.05 has been identified as having a serious vulnerability that allows remote code execution. Specifically, the issue originates from improper handling of the usbPartitionName parameter in the formSetUSBPartitionUmount function. This flaw can potentially allow attackers to exploit the router, compromising security and enabling unauthorized access to sensitive data or network functionality.",Tenda,G3 Firmware,9.8,CRITICAL,0.0010900000343099236,false,false,false,false,,false,false,2024-09-26T00:00:00.000Z,0
CVE-2024-8224,https://securityvulnerability.io/vulnerability/CVE-2024-8224,Stack-Based Buffer Overflow in Tenda G3 Router Firmware,"A serious stack-based buffer overflow vulnerability has been discovered in the Tenda G3 router firmware (version 15.11.0.20). This flaw exists in the formSetDebugCfg function within the /goform/setDebugCfg file, where improper handling of the enable, level, or module arguments can lead to potential exploitation. Attackers can exploit this vulnerability remotely, risking the safety of the device and data. Despite early notification to the vendor regarding this issue, there has been no response or patch provided, increasing the urgency for users to be aware of this risk and take appropriate measures to secure their devices.",Tenda,G3 Firmware,9.8,CRITICAL,0.003530000103637576,false,false,false,false,,false,false,2024-08-27T23:15:00.000Z,0
CVE-2022-36586,https://securityvulnerability.io/vulnerability/CVE-2022-36586,,"In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.",Tenda,G3 Firmware,9.8,CRITICAL,0.0021899999119341373,false,false,false,false,,false,false,2022-09-08T00:15:00.000Z,0
CVE-2022-36585,https://securityvulnerability.io/vulnerability/CVE-2022-36585,,"In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.",Tenda,G3 Firmware,9.8,CRITICAL,0.0021899999119341373,false,false,false,false,,false,false,2022-09-07T23:15:00.000Z,0
CVE-2022-36587,https://securityvulnerability.io/vulnerability/CVE-2022-36587,,"In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.",Tenda,G3 Firmware,9.8,CRITICAL,0.0021899999119341373,false,false,false,false,,false,false,2022-09-07T16:31:12.000Z,0
CVE-2022-36584,https://securityvulnerability.io/vulnerability/CVE-2022-36584,,"In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.",Tenda,G3 Firmware,9.8,CRITICAL,0.003640000009909272,false,false,false,false,,false,false,2022-09-06T16:50:08.000Z,0