cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-40799,https://securityvulnerability.io/vulnerability/CVE-2023-40799,Buffer Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 router model version Vv16.03.07.45_cn contains a vulnerability that allows a buffer overflow through the sub_450A4C function. This flaw may enable attackers to execute arbitrary code or crash the device, posing significant security risks. Users are advised to monitor their devices and apply any available updates to mitigate potential threats.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-25T00:00:00.000Z,0
CVE-2023-40800,https://securityvulnerability.io/vulnerability/CVE-2023-40800,Stack Overflow Vulnerability in Tenda AC23 Due to Inadequate User Input Authentication,"The compare_parentcontrol_time function in the Tenda AC23 v16.03.07.45_cn firmware is susceptible to a stack overflow vulnerability due to a lack of proper authentication for user input parameters. This oversight allows an attacker to exploit the system post-authentication, potentially leading to unintended behavior or a crash. Ensuring secure coding practices and validating user input is critical to mitigate such vulnerabilities.",Tenda,Ac23 Firmware,8.8,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-08-25T00:00:00.000Z,0
CVE-2023-40797,https://securityvulnerability.io/vulnerability/CVE-2023-40797,Post-Authentication Stack Overflow Vulnerability in Tenda AC23 Router,"In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function fails to validate user-entered parameters properly, creating a vulnerability for stack overflow post-authentication. This could potentially allow attackers to execute arbitrary code on the affected device after gaining access.",Tenda,Ac23 Firmware,8.8,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-08-25T00:00:00.000Z,0
CVE-2023-40802,https://securityvulnerability.io/vulnerability/CVE-2023-40802,Post-Authentication Heap Overflow in Tenda AC23 Router,"The Tenda AC23 router is susceptible to a post-authentication heap overflow vulnerability in the get_parentControl_list_Info function. This flaw arises due to the lack of parameter verification for user inputs, potentially allowing attackers to exploit this oversight. Exploitation could lead to arbitrary code execution or crash the device, thus jeopardizing the security of the router and the network it supports. It is crucial for users to apply necessary patches and updates to mitigate this risk.",Tenda,Ac23 Firmware,6.5,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-08-25T00:00:00.000Z,0
CVE-2023-40801,https://securityvulnerability.io/vulnerability/CVE-2023-40801,Stack Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 router is susceptible to a stack overflow vulnerability due to improper parameter validation in the sub_451784 function. This weakness can potentially allow an attacker to exploit the router, leading to unintended behaviors or crashes.",Tenda,Ac23,8.8,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-08-25T00:00:00.000Z,0
CVE-2023-40798,https://securityvulnerability.io/vulnerability/CVE-2023-40798,Stack Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 router, specifically version v16.03.07.45_cn, is vulnerable due to improper user input validation in the formSetIPv6status and formGetWanParameter functions. This flaw allows attackers to exploit the vulnerability by sending specially crafted requests, potentially leading to a stack overflow condition post-authentication.",Tenda,Ac23 Firmware,8.8,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-08-25T00:00:00.000Z,0
CVE-2023-2649,https://securityvulnerability.io/vulnerability/CVE-2023-2649,Tenda AC23 Service Port 7329 ate command injection,"A command injection vulnerability exists in the Tenda AC23 router's service port 7329, specifically within the /bin/ate file. This vulnerability allows attackers to manipulate the v2 argument, enabling them to execute arbitrary commands remotely. This risk is further heightened by the lack of response from Tenda upon disclosure, which could lead to potential exploitation in real-world scenarios. As the exploit is public, it presents significant security challenges for affected users.",Tenda,AC23,8.8,HIGH,0.003640000009909272,false,,false,false,false,,,false,false,,2023-05-11T08:15:00.000Z,0
CVE-2023-0782,https://securityvulnerability.io/vulnerability/CVE-2023-0782,Tenda AC23 httpd formGetSysToolDDNS out-of-bounds write,"A serious vulnerability has been identified in the Tenda AC23 router, particularly affecting the functions formSetSysToolDDNS and formGetSysToolDDNS within the /bin/httpd file. This flaw allows for an out-of-bounds write condition, potentially leading to arbitrary code execution. The attack is remotely exploitable, making it critical for users to apply security updates promptly. With the vulnerability already disclosed, attackers may leverage it to compromise network integrity.",Tenda,AC23,9.8,CRITICAL,0.0031500000040978193,false,,false,false,false,,,false,false,,2023-02-11T18:15:00.000Z,0
CVE-2022-43101,https://securityvulnerability.io/vulnerability/CVE-2022-43101,Stack Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 router’s firmware has a stack overflow vulnerability that can be exploited through the 'devName' parameter in the 'formSetDeviceName' function. An attacker could potentially manipulate the input to execute arbitrary code, thereby compromising the security of the device. This type of vulnerability underscores the importance of securing IoT devices against unauthorized access and manipulation.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-43102,https://securityvulnerability.io/vulnerability/CVE-2022-43102,Stack Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 router version V16.03.07.45_cn is vulnerable to a stack overflow, which occurs through improper handling of the timeZone parameter within the fromSetSysTime function. This vulnerability can potentially allow an attacker to execute arbitrary code or cause significant disruptions in device functionality. Users should ensure that their devices are updated to the latest firmware to mitigate this risk.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-43103,https://securityvulnerability.io/vulnerability/CVE-2022-43103,Stack Overflow Vulnerability in Tenda AC23 Product,"The Tenda AC23 router version V16.03.07.45_cn is susceptible to a stack overflow vulnerability triggered by the list parameter in the formSetQosBand function. This flaw may allow attackers to exploit the system, potentially leading to unauthorized access or denial of service, thus affecting the overall integrity and performance of the device.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-43106,https://securityvulnerability.io/vulnerability/CVE-2022-43106,Stack Overflow Vulnerability in Tenda AC23 Router Product,"The Tenda AC23 router is vulnerable to a stack overflow issue caused by the 'schedStartTime' parameter within the 'setSchedWifi' function. This flaw can potentially allow attackers to exploit the router's firmware, leading to unauthorized access or control over the device. Proper validation of input parameters is essential to mitigate the risks associated with this vulnerability.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-43107,https://securityvulnerability.io/vulnerability/CVE-2022-43107,Stack Overflow Vulnerability in Tenda AC23 Router Firmware,"The Tenda AC23 router's firmware version V16.03.07.45_cn is vulnerable to a stack overflow, which can be triggered by manipulating the time parameter in the setSmartPowerManagement function. This vulnerability may potentially allow attackers to execute arbitrary code, compromising the security and functionality of the device.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-43108,https://securityvulnerability.io/vulnerability/CVE-2022-43108,Stack Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 Router has a vulnerability that allows for a stack overflow through the firewallEn parameter in the formSetFirewallCfg function. This flaw could potentially be exploited by attackers to manipulate the device's firewall settings, leading to unauthorized access or disruption of services. It highlights the importance of keeping device firmware updated to protect against potential cyber threats.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-43104,https://securityvulnerability.io/vulnerability/CVE-2022-43104,Stack Overflow Vulnerability in Tenda AC23 Router,"A stack overflow vulnerability has been identified in the Tenda AC23 router, specifically affecting version V16.03.07.45_cn. This issue arises due to improper handling of the wpapsk_crypto parameter within the fromSetWirelessRepeat function. Exploitation of this vulnerability could allow attackers to manipulate device operations, potentially leading to unauthorized access and alterations in device settings.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-43105,https://securityvulnerability.io/vulnerability/CVE-2022-43105,Stack Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 router has been found to possess a stack overflow vulnerability due to improper handling of the 'shareSpeed' parameter within the 'fromSetWifiGusetBasic' function. This flaw can potentially allow attackers to execute arbitrary code, compromising the security of the device and its network. Users are advised to apply the latest firmware updates to mitigate the risks associated with this vulnerability.",Tenda,Ac23 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-11-03T00:00:00.000Z,0
CVE-2022-32383,https://securityvulnerability.io/vulnerability/CVE-2022-32383,Stack Overflow Vulnerability in Tenda AC23 Router,"A stack overflow vulnerability has been identified in the Tenda AC23 router, specifically in the AdvSetMacMtuWan function. This issue can potentially allow attackers to execute arbitrary code, leading to unauthorized access and a compromise of network security. It is imperative for users to apply the necessary updates to mitigate risks associated with this vulnerability.",Tenda,Ac23 Ac2100 Firmware,9.8,CRITICAL,0.0034000000450760126,false,,false,false,false,,,false,false,,2022-07-06T11:36:37.000Z,0
CVE-2022-32385,https://securityvulnerability.io/vulnerability/CVE-2022-32385,Stack Overflow Vulnerability in Tenda AC23 Router by Tenda,"The Tenda AC23 Router with firmware version v16.03.07.44 is susceptible to a stack overflow vulnerability. This flaw could be exploited by an attacker to execute arbitrary code remotely, compromising the security of the device. Users of this router should take precautionary measures to protect their network and ensure that their firmware is updated to the latest version.",Tenda,Ac23 Ac2100 Firmware,9.8,CRITICAL,0.009239999577403069,false,,false,false,false,,,false,false,,2022-07-06T11:34:04.000Z,0
CVE-2022-32386,https://securityvulnerability.io/vulnerability/CVE-2022-32386,Buffer Overflow in Tenda AC23 Router Product by Tenda Technology,"The Tenda AC23 router, specifically version 16.03.07.44, is susceptible to a buffer overflow vulnerability through the method fromAdvSetMacMtuWan. This flaw could allow an attacker to execute arbitrary code or disrupt the normal functioning of the device. Users are encouraged to apply security patches and follow best practices to secure their networks.",Tenda,Ac23 Ac2100 Firmware,9.8,CRITICAL,0.004410000052303076,false,,false,false,false,,,false,false,,2022-07-06T11:32:23.000Z,0
CVE-2022-32384,https://securityvulnerability.io/vulnerability/CVE-2022-32384,Stack Overflow Vulnerability in Tenda AC23 Router,"The Tenda AC23 router, specifically version v16.03.07.44, contains a stack overflow vulnerability triggered by the security_5g parameter in the formWifiBasicSet function. This flaw could allow an attacker to exploit the overflow, potentially leading to unauthorized access or network disruption. It is crucial for users to apply the necessary updates to safeguard their devices against potential exploits that leverage this vulnerability.",Tenda,Ac23 Ac2100 Firmware,8.8,HIGH,0.0012199999764561653,false,,false,false,false,,,false,false,,2022-07-01T20:32:47.000Z,0