cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-11248,https://securityvulnerability.io/vulnerability/CVE-2024-11248,Stack-based Buffer Overflow in Tenda AC10 Router,"A significant vulnerability exists within the Tenda AC10 router, specifically in the formSetRebootTimer function located in the /goform/SetSysAutoRebbotCfg file. This vulnerability enables a stack-based buffer overflow due to improper handling of the rebootTime argument. The flaw permits threat actors to launch remote attacks, potentially leading to unauthorized access to the device. The disclosure of this exploit in public forums increases the urgency for device owners to address the vulnerability to safeguard their networks.",Tenda,Ac10 Firmware,8.8,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2024-11-15T17:15:00.000Z,0
CVE-2023-45483,https://securityvulnerability.io/vulnerability/CVE-2023-45483,Stack Overflow Vulnerability in Tenda AC10 Router,"The Tenda AC10 router is vulnerable to a stack overflow issue triggered by the time parameter in the compare_parentcontrol_time function. This vulnerability could potentially allow an attacker to manipulate memory, leading to unauthorized access or executing arbitrary code on the device. Users of the affected version should take immediate action to mitigate the risk associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,,false,false,false,,,false,false,,2023-11-29T00:00:00.000Z,0
CVE-2023-45484,https://securityvulnerability.io/vulnerability/CVE-2023-45484,Stack Overflow Vulnerability in Tenda AC10 Router,"The Tenda AC10 router contains a vulnerability triggered by a stack overflow in the shareSpeed parameter within the fromSetWifiGuestBasic function. This can lead to unauthorized control over the device or a complete system crash, potentially exposing sensitive user data or allowing for remote code execution. Users are recommended to update their firmware to mitigate this security risk.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,,false,false,false,,,false,false,,2023-11-29T00:00:00.000Z,0
CVE-2023-45481,https://securityvulnerability.io/vulnerability/CVE-2023-45481,Stack Overflow in Tenda AC10 Firewall Configuration,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically in the firewall configuration feature. This issue arises when input is processed via the firewallEn parameter in the SetFirewallCfg function, potentially leading to unauthorized access or interference with firewall settings. Users of the affected version should take immediate steps to secure their devices by applying available updates and monitor for any unusual activities in their network.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,,false,false,false,,,false,false,,2023-11-29T00:00:00.000Z,0
CVE-2023-45480,https://securityvulnerability.io/vulnerability/CVE-2023-45480,Stack Overflow Vulnerability in Tenda AC10 Router,"A stack overflow vulnerability has been identified in the Tenda AC10 router. The issue arises from improper handling of the 'src' parameter within the function sub_47D878, allowing attackers to potentially execute arbitrary code. This vulnerability is particularly concerning as it could enable unauthorized access to network devices, compromising overall system integrity.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,,false,false,false,,,false,false,,2023-11-29T00:00:00.000Z,0
CVE-2023-45479,https://securityvulnerability.io/vulnerability/CVE-2023-45479,Stack Overflow Vulnerability in Tenda AC10 Router,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically affecting version US_AC10V4.0si_V16.03.10.13_cn. This vulnerability can be exploited through the 'list' parameter in the function sub_49E098, potentially allowing attackers to execute arbitrary code or cause a denial of service. It is crucial for users of the Tenda AC10 router to apply necessary patches and follow best security practices to mitigate risks associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,,false,false,false,,,false,false,,2023-11-29T00:00:00.000Z,0
CVE-2023-45482,https://securityvulnerability.io/vulnerability/CVE-2023-45482,Stack Overflow Vulnerability in Tenda AC10 Router,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically in the function responsible for retrieving parental control list information. This flaw allows attackers to manipulate the 'urls' parameter, potentially leading to unintended behavior and security breaches. Exploitation of this vulnerability could provide unauthorized access to sensitive settings, compromising the integrity and confidentiality of the device. It is crucial for users to apply updates and follow best security practices to mitigate the risks associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,,false,false,false,,,false,false,,2023-11-29T00:00:00.000Z,0
CVE-2023-42320,https://securityvulnerability.io/vulnerability/CVE-2023-42320,Buffer Overflow Vulnerability in Tenda AC10V4 Router,"The buffer overflow vulnerability in Tenda AC10V4 router versions allows remote attackers to exploit the mac parameter in the GetParentControlInfo function. This could lead to a denial of service, adversely affecting network stability and performance. Users are advised to update their devices to mitigate potential risks.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.006010000128298998,false,,false,false,false,,,false,false,,2023-09-18T00:00:00.000Z,0
CVE-2023-38937,https://securityvulnerability.io/vulnerability/CVE-2023-38937,Stack Overflow Vulnerability in Tenda Routers,"A stack overflow vulnerability has been identified in various Tenda routers through the 'list' parameter in the 'formSetVirtualSer' function. Exploiting this flaw can potentially allow attackers to execute arbitrary code, leading to unauthorized access or compromised device control. Users of the affected models should apply the latest firmware updates to mitigate any risks associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0
CVE-2023-38931,https://securityvulnerability.io/vulnerability/CVE-2023-38931,Stack Overflow Vulnerability in Tenda AC Series Routers,"A stack overflow vulnerability has been identified in multiple Tenda AC series routers. This issue arises from improper handling of the list parameter within the setaccount function, potentially leading to unauthorized access and exploitation of device functionality. Users are advised to implement security measures to mitigate potential risks associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0
CVE-2023-38936,https://securityvulnerability.io/vulnerability/CVE-2023-38936,Stack Overflow Vulnerability in Tenda Router Products,"A stack overflow vulnerability has been identified in various Tenda router models, triggered by improper handling of the speed_dir parameter within the formSetSpeedWan function. This flaw may allow an attacker to craft specifically designed input, potentially leading to abnormal behavior of the impacted devices, unauthorized access, or execution of arbitrary code. Network administrators using affected Tenda routers should incorporate immediate mitigative steps to safeguard their systems against potential exploitation.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.002469999948516488,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0
CVE-2023-38933,https://securityvulnerability.io/vulnerability/CVE-2023-38933,Stack Overflow Vulnerability in Tenda Routers and IoT Devices,"Recent findings indicate that several Tenda router and IoT device models are susceptible to a stack overflow vulnerability. The issue arises from improper handling of the deviceId parameter in the formSetClientState function, which could allow attackers to exploit this flaw. Devices affected include the AC6, AC7, and F1203 among others, with specific firmware versions identified. Prompt action is recommended to mitigate risks associated with this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0
CVE-2023-37710,https://securityvulnerability.io/vulnerability/CVE-2023-37710,Stack Overflow Vulnerability in Tenda AC1206 and AC10 Products,"The Tenda AC1206 and AC10 devices have been found to be susceptible to a stack overflow vulnerability that occurs in the wpapsk_crypto parameter within the fromSetWirelessRepeat function. This flaw can potentially be exploited to compromise device security, allowing unauthorized access and manipulation of sensitive settings.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37711,https://securityvulnerability.io/vulnerability/CVE-2023-37711,Stack Overflow in Tenda AC1206 and AC10 Devices,"A stack overflow vulnerability exists in the Tenda AC1206 and AC10 devices, specifically within the saveParentControlInfo function, which improperly processes the deviceId parameter. This flaw can potentially allow attackers to execute arbitrary code, compromising the integrity and security of the affected devices.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0021699999924749136,false,,false,false,false,,,false,false,,2023-07-10T00:00:00.000Z,0
CVE-2023-37144,https://securityvulnerability.io/vulnerability/CVE-2023-37144,Command Injection Vulnerability in Tenda AC10 Router,"The Tenda AC10 router, specifically version 15.03.06.26, is prone to a command injection vulnerability that arises from improper validation of the 'mac' parameter within the 'formWriteFacMac' function. This security flaw allows an attacker to execute arbitrary commands on the device, potentially compromising the router's integrity and allowing unauthorized access. Users are advised to update their devices promptly to mitigate the risk posed by this vulnerability.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.006370000075548887,false,,false,false,false,,,false,false,,2023-07-07T00:00:00.000Z,0
CVE-2023-34566,https://securityvulnerability.io/vulnerability/CVE-2023-34566,Stack Overflow in Tenda AC10 Router Affects Home Network Security,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically in the firmware version US_AC10V4.0si_V16.03.10.13_cn. This vulnerability occurs via a parameter input at the /goform/saveParentControlInfo endpoint, potentially allowing an attacker to exploit the router and manipulate its operations. Users are advised to update their firmware to mitigate risks associated with this security flaw.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.0022700000554323196,false,,false,false,false,,,false,false,,2023-06-08T00:00:00.000Z,0
CVE-2023-34571,https://securityvulnerability.io/vulnerability/CVE-2023-34571,Stack Overflow Vulnerability in Tenda AC10 Router,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically affecting the WiFiGuestSet function through the shareSpeed parameter. This flaw could allow an attacker to exploit the device, potentially leading to unauthorized access or denial of service. Proper attention to this issue is essential for maintaining network security and protecting sensitive information.",Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-06-08T00:00:00.000Z,0
CVE-2023-34570,https://securityvulnerability.io/vulnerability/CVE-2023-34570,Stack Overflow Vulnerability in Tenda AC10 Router,"A stack overflow vulnerability has been identified in the Tenda AC10 router, specifically in the SetOnlineDevName function. This issue arises from improper handling of the devName parameter, allowing for potential exploitation. Users should ensure their devices are running the latest firmware updates to mitigate risks associated with this vulnerability.",Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-06-08T00:00:00.000Z,0
CVE-2023-34569,https://securityvulnerability.io/vulnerability/CVE-2023-34569,Stack Overflow Vulnerability in Tenda AC10 Router Firmware,"The Tenda AC10 router firmware version V16.03.10.13_cn has been identified to have a stack overflow vulnerability due to improper handling of parameter lists in the /goform/SetNetControlList endpoint. This flaw could potentially allow an attacker to exploit the device by sending crafted requests that lead to unexpected behavior, including denial of service or arbitrary code execution. It is crucial for users to update their firmware and implement appropriate security measures to safeguard their network.",Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-06-08T00:00:00.000Z,0
CVE-2023-34568,https://securityvulnerability.io/vulnerability/CVE-2023-34568,Stack Overflow Vulnerability in Tenda AC10 Router,"A stack overflow vulnerability was identified in the Tenda AC10 router, specifically within the PowerSaveSet function. This issue is triggered by improper handling of the 'time' parameter, allowing potential attackers to exploit the flaw. By sending crafted inputs, an attacker could execute arbitrary code, leading to unauthorized access and control over the device. Users of affected versions should apply patches or updates promptly to mitigate risks associated with this vulnerability.",Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-06-08T00:00:00.000Z,0
CVE-2023-34567,https://securityvulnerability.io/vulnerability/CVE-2023-34567,Stack Overflow Vulnerability in Tenda AC10 Router,"The Tenda AC10 router's firmware version US_AC10V4.0si_V16.03.10.13_cn is prone to a stack overflow vulnerability when processing input parameters at /goform/SetVirtualServerCfg. This flaw can be exploited by sending specially crafted requests, potentially allowing unauthorized access or control over the device, thereby compromising the integrity and security of the network.",Tenda,Ac10 Firmware,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-06-08T00:00:00.000Z,0
CVE-2023-27016,https://securityvulnerability.io/vulnerability/CVE-2023-27016,Stack Overflow Vulnerability in Tenda AC10 Router,The Tenda AC10 router is vulnerable to a stack overflow issue through the R7WebsSecurityHandler function. This flaw enables attackers to disrupt services by initiating a Denial of Service (DoS) or potentially execute arbitrary code by sending specially crafted payloads. It is crucial for users of the affected version to implement security measures to mitigate these risks.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.0031900000758469105,false,,false,false,false,,,false,false,,2023-04-07T02:15:00.000Z,0
CVE-2023-27012,https://securityvulnerability.io/vulnerability/CVE-2023-27012,Stack Overflow Vulnerability in Tenda AC10 Router,"The Tenda AC10 router has been identified to contain a stack overflow vulnerability within the setSchedWifi function. This flaw enables malicious actors to disrupt service by executing a crafted payload, resulting in a Denial of Service (DoS) condition or potentially allowing arbitrary code execution. It is critical for users to be aware of this vulnerability to safeguard their network devices against potential threats.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.002570000011473894,false,,false,false,false,,,false,false,,2023-04-07T02:15:00.000Z,0
CVE-2023-27013,https://securityvulnerability.io/vulnerability/CVE-2023-27013,Stack Overflow Vulnerability in Tenda AC10 Router,The Tenda AC10 Router is susceptible to a stack overflow vulnerability in the get_parentControl_list_Info function. This flaw can be exploited by attackers to cause a Denial of Service (DoS) condition or potentially execute arbitrary code through a specially crafted payload. Users of the affected product should be aware of this security risk and take appropriate measures to mitigate potential attacks.,Tenda,Ac10 Firmware,9.8,CRITICAL,0.002570000011473894,false,,false,false,false,,,false,false,,2023-04-07T02:15:00.000Z,0
CVE-2023-27014,https://securityvulnerability.io/vulnerability/CVE-2023-27014,Stack Overflow Vulnerability in Tenda AC10 Router,"A vulnerability exists in the Tenda AC10 Router where the sub_46AC38 function is susceptible to stack overflow attacks. By sending specially crafted payloads to the device, attackers can potentially disrupt service, leading to Denial of Service (DoS) conditions, or even execute arbitrary code. This flaw emphasizes the importance of ensuring that routers are kept up-to-date and secured against possible exploits.",Tenda,Ac10 Firmware,9.8,CRITICAL,0.002570000011473894,false,,false,false,false,,,false,false,,2023-04-07T02:15:00.000Z,0