cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-52714,https://securityvulnerability.io/vulnerability/CVE-2024-52714,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 v2.0, specifically version v15.03.06.50, is susceptible to a buffer overflow vulnerability within the 'fromSetSysTime' function. This flaw can potentially lead to unauthorized access, data corruption, or system crashes, highlighting the need for immediate attention and remediation. Users of Tenda AC6 should prioritize applying security patches and updates to mitigate the associated risks.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0012400000123307109,false,false,false,false,,false,false,2024-11-19T19:15:00.000Z,0
CVE-2023-38823,https://securityvulnerability.io/vulnerability/CVE-2023-38823,,"Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0057299998588860035,false,false,false,false,,false,false,2023-11-20T00:00:00.000Z,0
CVE-2023-40830,https://securityvulnerability.io/vulnerability/CVE-2023-40830,,Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.,Tenda,Ac6 Firmware,9.8,CRITICAL,0.002400000113993883,false,false,false,false,,false,false,2023-10-03T00:00:00.000Z,0
CVE-2021-40546,https://securityvulnerability.io/vulnerability/CVE-2021-40546,,Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.,Tenda,Ac6 Firmware,4.9,MEDIUM,0.0005499999970197678,false,false,false,false,,false,false,2023-09-05T00:00:00.000Z,0
CVE-2023-40837,https://securityvulnerability.io/vulnerability/CVE-2023-40837,,"Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the ""formSetIptv"" function, obtaining the ""list"" and ""vlanId"" fields, unfiltered passing these two fields as parameters to the ""sub_ADD50"" function to execute commands.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002369999885559082,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40839,https://securityvulnerability.io/vulnerability/CVE-2023-40839,,"Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the ""formSetIptv"" function, obtaining the ""list"" and ""vlanId"" fields, unfiltered passing these two fields as parameters to the ""sub_ADF3C"" function to execute commands.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002369999885559082,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40840,https://securityvulnerability.io/vulnerability/CVE-2023-40840,,"Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function ""fromGetWirelessRepeat.""",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40838,https://securityvulnerability.io/vulnerability/CVE-2023-40838,,Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.,Tenda,Ac6 Firmware,9.8,CRITICAL,0.004720000084489584,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40845,https://securityvulnerability.io/vulnerability/CVE-2023-40845,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router's firmware is exposed to a buffer overflow vulnerability due to improper handling of user-supplied input in the function 'sub_34FD0'. This lack of length checks allows attackers to exploit the vulnerability, potentially leading to arbitrary code execution and a compromise of the system. Administrators are encouraged to review their firmware versions and apply necessary patches to mitigate this risk.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40844,https://securityvulnerability.io/vulnerability/CVE-2023-40844,,Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.',Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40847,https://securityvulnerability.io/vulnerability/CVE-2023-40847,,"Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function ""initIpAddrInfo."" In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40841,https://securityvulnerability.io/vulnerability/CVE-2023-40841,,"Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function ""add_white_node,""",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40848,https://securityvulnerability.io/vulnerability/CVE-2023-40848,,"Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function ""sub_7D858.""",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40843,https://securityvulnerability.io/vulnerability/CVE-2023-40843,,"Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function ""sub_73004.""",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40842,https://securityvulnerability.io/vulnerability/CVE-2023-40842,,"Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function ""R7WebsSecurityHandler.""",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,false,false,false,,false,false,2023-08-30T00:00:00.000Z,0
CVE-2023-40846,https://securityvulnerability.io/vulnerability/CVE-2023-40846,,Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.,Tenda,Ac6 Firmware,9.8,CRITICAL,0.0017999999690800905,false,false,false,false,,false,false,2023-08-28T00:00:00.000Z,0
CVE-2023-39670,https://securityvulnerability.io/vulnerability/CVE-2023-39670,,Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets.,Tenda,Ac6 Firmware,9.8,CRITICAL,0.0023499999660998583,false,false,false,false,,false,false,2023-08-18T03:15:00.000Z,0
CVE-2022-40010,https://securityvulnerability.io/vulnerability/CVE-2022-40010,,Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.,Tenda,Ac6 Firmware,5.4,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2023-06-26T00:00:00.000Z,0
CVE-2023-26976,https://securityvulnerability.io/vulnerability/CVE-2023-26976,Stack Overflow Vulnerability in Tenda AC6 Routers,"A stack overflow vulnerability exists in Tenda AC6 routers due to improper handling of the ssid parameter within the form_fast_setting_wifi_set function. This flaw could allow an attacker to exploit the vulnerable components of the router, potentially leading to unauthorized access and the execution of arbitrary code. Users are urged to check their firmware and apply any available patches to mitigate the risk posed by this vulnerability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0008900000248104334,false,false,false,true,true,false,false,2023-04-04T02:15:00.000Z,0
CVE-2022-45653,https://securityvulnerability.io/vulnerability/CVE-2022-45653,,Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.,Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2022-12-02T00:00:00.000Z,0
CVE-2022-45644,https://securityvulnerability.io/vulnerability/CVE-2022-45644,,Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.,Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2022-12-02T00:00:00.000Z,0
CVE-2022-45659,https://securityvulnerability.io/vulnerability/CVE-2022-45659,,Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.,Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2022-12-02T00:00:00.000Z,0
CVE-2022-45646,https://securityvulnerability.io/vulnerability/CVE-2022-45646,,Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.,Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2022-12-02T00:00:00.000Z,0
CVE-2022-45652,https://securityvulnerability.io/vulnerability/CVE-2022-45652,,Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.,Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2022-12-02T00:00:00.000Z,0
CVE-2022-45660,https://securityvulnerability.io/vulnerability/CVE-2022-45660,,Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.,Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,false,false,false,,false,false,2022-12-02T00:00:00.000Z,0