cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10434,https://securityvulnerability.io/vulnerability/CVE-2024-10434,Stack-Based Buffer Overflow Vulnerability in Tenda AC1206 Router,"Recently identified vulnerabilities in the Tenda AC1206 router highlight significant security concerns, particularly a critical stack-based buffer overflow associated with the ate_Tenda_mfg_check_usb function. This vulnerability allows attackers to manipulate specific arguments resulting in a buffer overflow, which can be exploited remotely. With versions up to 20241027 affected, this issue poses a grave risk as it could allow unauthorized access and control over the router. Given that this exploit has been publicly disclosed, it's crucial for users to be aware and apply necessary updates to safeguard against potential attacks.",Tenda,Ac1206,9.8,CRITICAL,0.003530000103637576,false,,false,false,true,2024-10-28T00:31:05.000Z,true,false,false,,2024-10-28T00:31:05.947Z,0
CVE-2024-9793,https://securityvulnerability.io/vulnerability/CVE-2024-9793,Remote Command Injection Vulnerability in Tenda AC1206 Router,"A severe vulnerability has been identified in Tenda's AC1206 router affecting all versions up to 15.03.06.23. This security flaw resides in the ate_iwpriv_set and ate_ifconfig_set functions located in the /goform/ate file, enabling attackers to perform command injection. Given the nature of this vulnerability, it can be exploited remotely, allowing unauthorized users to execute harmful commands that may lead to the compromise of the router's functionality and security. Despite early disclosure of the vulnerability to Tenda, no response or remediation has been provided by the vendor, raising concerns over user safety. It is crucial for users of the affected devices to take immediate action to mitigate the risks associated with this vulnerability.",Tenda,Ac1206,9.8,CRITICAL,0.031530000269412994,false,,false,false,true,2024-10-10T14:31:06.000Z,true,false,false,,2024-10-10T15:31:06.625Z,0
CVE-2023-38935,https://securityvulnerability.io/vulnerability/CVE-2023-38935,Buffer Overflow Vulnerability in Tenda AC Series Routers,"A buffer overflow vulnerability exists in the Tenda AC series routers through the list parameter in the formSetQosBand function. Exploiting this weakness could potentially allow an attacker to gain unauthorized access and control over the affected devices. This impacts Tenda router models AC1206, AC8, AC5, AC10, and AC9, highlighting the importance of securing network devices against such vulnerabilities.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2023-08-07T00:00:00.000Z,0
CVE-2022-42079,https://securityvulnerability.io/vulnerability/CVE-2022-42079,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router has a vulnerability that allows for a stack overflow in the function formWifiBasicSet. This issue could be exploited to execute arbitrary code, potentially compromising the device's integrity and security. Users are advised to update their firmware and apply security best practices to mitigate the risks associated with this vulnerability.",Tenda,Ac1206 Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-10-12T00:00:00.000Z,0
CVE-2022-42080,https://securityvulnerability.io/vulnerability/CVE-2022-42080,Heap Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router is susceptible to a heap overflow vulnerability due to improper handling of the sched_start_time parameter. This flaw allows attackers to exploit the router's memory management, potentially leading to remote code execution or unauthorized access, compromising the device's security and the privacy of its users' data. Users are encouraged to update to the latest firmware to mitigate the risk associated with this vulnerability.",Tenda,Ac1206 Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-10-12T00:00:00.000Z,0
CVE-2022-42081,https://securityvulnerability.io/vulnerability/CVE-2022-42081,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router is vulnerable to a stack overflow exploit due to the improper handling of the sched_end_time parameter. This vulnerability can be exploited by an attacker to potentially execute arbitrary code or crash the device, posing significant risks to network security. Users should ensure their devices are updated and consider implementing additional security measures to mitigate any potential impacts.",Tenda,Ac1206 Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-10-12T00:00:00.000Z,0
CVE-2022-42077,https://securityvulnerability.io/vulnerability/CVE-2022-42077,Cross-Site Request Forgery Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router, specifically the version US_AC1206V1.0RTL_V15.03.06.23_multi_TD01, is exposed to a Cross Site Request Forgery (CSRF) vulnerability. This flaw allows attackers to exploit the router's functionality, potentially leading to unauthorized changes or disclosure of sensitive information. Users should be aware of the risks associated with this vulnerability and take appropriate measures to secure their devices.",Tenda,Ac1206 Firmware,6.5,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2022-10-12T00:00:00.000Z,0
CVE-2022-42078,https://securityvulnerability.io/vulnerability/CVE-2022-42078,Cross Site Request Forgery in Tenda AC1206 Router,"The Tenda AC1206 router is susceptible to a Cross Site Request Forgery (CSRF) attack through the function fromSysToolRestoreSet. An attacker can exploit this vulnerability to perform unauthorized actions on behalf of a user, potentially leading to changes in configuration or unauthorized access to sensitive information. To enhance security, it is essential to implement measures that safeguard against CSRF attacks, such as employing anti-CSRF tokens and ensuring secure coding practices are followed.",Tenda,Ac1206 Firmware,6.5,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2022-10-12T00:00:00.000Z,0
CVE-2022-37816,https://securityvulnerability.io/vulnerability/CVE-2022-37816,Stack Overflow Vulnerability in Tenda AC1206 Router,"A stack overflow vulnerability has been identified in the Tenda AC1206 router, specifically in the fromSetIpMacBind function. This flaw could allow attackers to exploit the router's memory allocation, potentially leading to unauthorized access or execution of arbitrary code. Users of this device should take immediate action to mitigate risk, ensuring their firmware is up to date and implementing network security best practices.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:07:19.000Z,0
CVE-2022-37814,https://securityvulnerability.io/vulnerability/CVE-2022-37814,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router version V15.03.06.23 contains vulnerabilities that introduce risk through multiple stack overflow conditions triggered by input in the deviceMac and device_id parameters within the addWifiMacFilter function. Exploitation of these overflows can lead to potential unauthorized access or denial of service, posing a significant threat to device integrity and network security.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:07:12.000Z,0
CVE-2022-37815,https://securityvulnerability.io/vulnerability/CVE-2022-37815,Stack Overflow Vulnerability in Tenda AC1206 Router Software,"The Tenda AC1206 router software is vulnerable to a stack overflow issue that can be triggered through the PPPOEPassword parameter in the formQuickIndex function. This vulnerability may allow attackers to manipulate the stack and execute arbitrary code, posing a significant security risk to users and the integrity of the network. Users of the affected version should take immediate action to mitigate potential threats.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:06:55.000Z,0
CVE-2022-37813,https://securityvulnerability.io/vulnerability/CVE-2022-37813,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router is susceptible to a stack overflow vulnerability through the function fromSetSysTime, which could potentially lead to unauthorized access or denial of service. This weakness arises from improper handling of user input, allowing attackers to exploit the flaw by sending crafted requests. Users are advised to apply relevant updates and follow best practices for securing their devices against such vulnerabilities.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:06:50.000Z,0
CVE-2022-37809,https://securityvulnerability.io/vulnerability/CVE-2022-37809,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router is susceptible to a stack overflow vulnerability, which can be triggered through the speed_dir parameter in the formSetSpeedWan function. When exploited, this vulnerability may allow an attacker to execute arbitrary code or disrupt service. It is crucial for users to be aware of this issue and apply necessary security patches or configurations to safeguard their devices.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:06:48.000Z,0
CVE-2022-37810,https://securityvulnerability.io/vulnerability/CVE-2022-37810,Command Injection Vulnerability in Tenda AC1206 Router,"A command injection flaw has been identified in the Tenda AC1206 router, specifically in the handling of the 'mac' parameter within the formWriteFacMac function. This vulnerability enables attackers to inject arbitrary commands, potentially compromising the security and integrity of the device. Updating to the latest firmware and properly configuring the router's settings are crucial for safeguarding against exploitation.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.00901000015437603,false,,false,false,false,,,false,false,,2022-08-25T14:06:35.000Z,0
CVE-2022-37808,https://securityvulnerability.io/vulnerability/CVE-2022-37808,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router has a vulnerability that allows attackers to exploit a stack overflow condition through the 'index' parameter in the 'formWifiWpsOOB' function. This could lead to unintended execution of arbitrary code, potentially compromising the device and the network it services. Users are advised to apply security patches and follow best practices to mitigate risks associated with this vulnerability.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:06:15.000Z,0
CVE-2022-37807,https://securityvulnerability.io/vulnerability/CVE-2022-37807,Stack Overflow Vulnerability in Tenda AC1206 Router,"A stack overflow vulnerability has been identified in the Tenda AC1206 router, specifically through the function formSetClientState. This flaw could be exploited to manipulate the router's operational data, potentially leading to unauthorized access or control over the device. It is crucial for users of the Tenda AC1206 to remain vigilant and apply any available updates to mitigate the risks associated with this vulnerability.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:06:06.000Z,0
CVE-2022-37806,https://securityvulnerability.io/vulnerability/CVE-2022-37806,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router version V15.03.06.23 is vulnerable to a stack overflow, which can occur via the page parameter in the fromDhcpListClient function. This vulnerability allows attackers to potentially execute arbitrary code or disrupt normal operations by exploiting the overflow, leading to unauthorized access or system instability.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:05:58.000Z,0
CVE-2022-37805,https://securityvulnerability.io/vulnerability/CVE-2022-37805,Stack Overflow Vulnerability in Tenda AC1206 Router Software,"The Tenda AC1206 router, specifically version V15.03.06.23, is vulnerable to a stack overflow issue within its 'fromWizardHandle' function. This vulnerability may be exploited by an attacker to execute arbitrary code or disrupt the normal operation of the device, posing significant security risks to users. It is essential for administrators and users of affected devices to be aware of this risk and apply any available security updates or mitigations to protect their networks.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:05:57.000Z,0
CVE-2022-37812,https://securityvulnerability.io/vulnerability/CVE-2022-37812,Stack Overflow Vulnerability in Tenda AC1206 Firewall Configuration,"A stack overflow vulnerability has been identified in the Tenda AC1206 router, specifically affecting the firewall configuration parameters. The flaw resides in the function formSetFirewallCfg, where improper input handling of the firewallEn parameter can lead to potential system crashes and exploitation risks. This vulnerability can be targeted by attackers to execute arbitrary code, emphasizing the need for timely security measures and updates to protect network devices.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:05:43.000Z,0
CVE-2022-37811,https://securityvulnerability.io/vulnerability/CVE-2022-37811,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router has been found to contain a vulnerability that allows remote attackers to execute a stack overflow via the startIp parameter in the formSetPPTPServer function. This flaw could potentially enable an unauthorized user to gain elevated privileges or execute arbitrary code, posing significant security risks for the affected devices.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:05:43.000Z,0
CVE-2022-37803,https://securityvulnerability.io/vulnerability/CVE-2022-37803,Stack Overflow Vulnerability in Tenda AC1206 Routers,"The Tenda AC1206 router version V15.03.06.23 has been identified with a stack overflow vulnerability, which is triggered by the 'page' parameter in the 'fromAddressNat' function. This flaw can enable an attacker to manipulate the system's stack, potentially leading to unauthorized access or service disruptions. Users are advised to review their configurations and apply necessary security updates.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:04:37.000Z,0
CVE-2022-37804,https://securityvulnerability.io/vulnerability/CVE-2022-37804,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 Router version V15.03.06.23 is affected by a stack overflow vulnerability that occurs due to improper handling of the 'time' parameter in the function 'saveParentControlInfo'. This flaw may allow an attacker to manipulate the router's functionality, potentially leading to unauthorized access or a denial of service. It is crucial for users to apply the necessary updates or patches to mitigate this risk.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:04:34.000Z,0
CVE-2022-37801,https://securityvulnerability.io/vulnerability/CVE-2022-37801,Stack Overflow Vulnerability in Tenda AC1206 by Tenda,"A stack overflow has been identified in the Tenda AC1206 router, specifically through the 'list' parameter within the function formSetQosBand. This vulnerability may lead to unexpected behavior, including the potential for arbitrary code execution, compromising the security of users' networks. Immediate attention and remediation are recommended to ensure the safety and integrity of the device.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:04:34.000Z,0
CVE-2022-37800,https://securityvulnerability.io/vulnerability/CVE-2022-37800,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router version V15.03.06.23 has been identified to contain a stack overflow vulnerability within the 'fromSetRouteStatic' function. This vulnerability is triggered by manipulating the 'list' parameter, potentially allowing an attacker to execute arbitrary code or disrupt service. It emphasizes the importance of maintaining updated firmware to protect against potential exploits.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:04:34.000Z,0
CVE-2022-37802,https://securityvulnerability.io/vulnerability/CVE-2022-37802,Stack Overflow Vulnerability in Tenda AC1206 Router,"The Tenda AC1206 router version V15.03.06.23 is susceptible to a stack overflow vulnerability triggered by manipulating the 'page' parameter in the 'fromNatStaticSetting' function. This flaw could potentially allow an attacker to execute arbitrary code or disrupt the normal operation of the device, posing significant risks to users' network security. It's crucial for operators of affected devices to take immediate action to mitigate this issue.",Tenda,Ac1206 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-08-25T14:04:34.000Z,0