cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-52714,https://securityvulnerability.io/vulnerability/CVE-2024-52714,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 v2.0, specifically version v15.03.06.50, is susceptible to a buffer overflow vulnerability within the 'fromSetSysTime' function. This flaw can potentially lead to unauthorized access, data corruption, or system crashes, highlighting the need for immediate attention and remediation. Users of Tenda AC6 should prioritize applying security patches and updates to mitigate the associated risks.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0012400000123307109,false,,false,false,false,,,false,false,,2024-11-19T19:15:00.000Z,0
CVE-2023-38823,https://securityvulnerability.io/vulnerability/CVE-2023-38823,Buffer Overflow Vulnerability in Tenda AC Series Routers,"A vulnerability exists in Tenda AC19 v.1.0, AC18, AC9 v.1.0, and AC6 v.2.0 and v.1.0 routers that allows remote attackers to execute arbitrary code. This buffer overflow issue arises from the improper handling of input in the formSetCfm function within the bin/httpd component, potentially giving attackers unauthorized access to the device. This flaw emphasizes the importance of securing network devices from remote exploitation risks.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0057299998588860035,false,,false,false,false,,,false,false,,2023-11-20T00:00:00.000Z,0
CVE-2023-40830,https://securityvulnerability.io/vulnerability/CVE-2023-40830,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 Router, specifically version 15.03.05.19, is susceptible to a buffer overflow vulnerability due to improper length verification of the Index parameter. This oversight allows attackers to exploit the buffer overflow condition, potentially leading to unauthorized access or degradation of system functionality. Users and administrators should take immediate precautions to mitigate risks associated with this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002400000113993883,false,,false,false,false,,,false,false,,2023-10-03T00:00:00.000Z,0
CVE-2021-40546,https://securityvulnerability.io/vulnerability/CVE-2021-40546,Denial of Service Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is susceptible to a Denial of Service (DoS) condition due to an improperly validated parameter in the device's firmware. If an attacker, having access to the administrator password, sends an excessively long string to the 'wifiPwd_5G' parameter through the /goform/setWifi interface, it can lead to a device crash, rendering the router temporarily unusable. This vulnerability can be exploited to significantly disrupt network services, emphasizing the importance of safeguarding administrator credentials and promptly updating firmware.",Tenda,Ac6 Firmware,4.9,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-09-05T00:00:00.000Z,0
CVE-2023-40842,https://securityvulnerability.io/vulnerability/CVE-2023-40842,Buffer Overflow Vulnerability in Tenda AC6 Routers,"The Tenda AC6 router is affected by a buffer overflow vulnerability through the 'R7WebsSecurityHandler' function. This vulnerability can potentially allow attackers to execute arbitrary code and take control of the affected system, posing a significant security threat to users. It is essential for users to secure their devices by applying the latest firmware updates and implementing robust security measures.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40844,https://securityvulnerability.io/vulnerability/CVE-2023-40844,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability through the 'formWifiBasicSet' function. An attacker could exploit this vulnerability to execute arbitrary code, potentially compromising the integrity and security of the device. It's crucial for users to be aware of this risk and take necessary precautions to mitigate potential exploit attempts.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40838,https://securityvulnerability.io/vulnerability/CVE-2023-40838,Command Execution Vulnerability in Tenda AC6 Router,"The Tenda AC6 router contains a vulnerability in the specific function 'sub_3A1D0,' which allows for the execution of arbitrary commands through crafted input. This weakness could be exploited by attackers to execute malicious code remotely, potentially compromising the device and the network it is connected to. Users are advised to update their firmware and implement robust security measures to mitigate the risks associated with this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.004720000084489584,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40843,https://securityvulnerability.io/vulnerability/CVE-2023-40843,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router firmware contains a buffer overflow vulnerability within the function 'sub_73004', which may allow attackers to execute arbitrary code or manipulate the device's operation. As a result, users of the Tenda AC6 router should consider applying necessary patches or updates to protect their networks from potential exploitation.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40839,https://securityvulnerability.io/vulnerability/CVE-2023-40839,Command Execution Issue in Tenda AC6 Router by Tenda,"The Tenda AC6 router is affected by a command execution vulnerability present in the 'formSetIptv' function. This vulnerability arises from the improper handling of input parameters, specifically 'list' and 'vlanId'. These parameters are passed unfiltered into the 'sub_ADF3C' function, which allows attackers to execute arbitrary commands remotely. This represents a significant security risk, potentially compromising the integrity and security of affected devices.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002369999885559082,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40848,https://securityvulnerability.io/vulnerability/CVE-2023-40848,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is vulnerable to a buffer overflow in the function 'sub_7D858', which could allow an attacker to exploit the device. This flaw could potentially lead to unauthorized access or execution of arbitrary code, compromising the integrity of the router's operations and the network it serves. Users are advised to monitor their devices closely and look for firmware updates that address this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40837,https://securityvulnerability.io/vulnerability/CVE-2023-40837,Command Execution Vulnerability in Tenda AC6 Product by Tenda,"The Tenda AC6 product is susceptible to a command execution vulnerability found in the 'sub_ADD50' function of the firmware. This vulnerability arises when the 'formSetIptv' function does not properly validate the 'list' and 'vlanId' parameters, allowing an attacker to exploit this flaw by injecting malicious commands. Such exploitation could lead to unauthorized execution of commands on the device, compromising its integrity and potentially impacting the user's network security.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002369999885559082,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40845,https://securityvulnerability.io/vulnerability/CVE-2023-40845,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router's firmware is exposed to a buffer overflow vulnerability due to improper handling of user-supplied input in the function 'sub_34FD0'. This lack of length checks allows attackers to exploit the vulnerability, potentially leading to arbitrary code execution and a compromise of the system. Administrators are encouraged to review their firmware versions and apply necessary patches to mitigate this risk.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40841,https://securityvulnerability.io/vulnerability/CVE-2023-40841,Buffer Overflow Vulnerability in Tenda AC6 Router by Tenda,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability found in the 'add_white_node' function. This flaw can be exploited by an attacker to execute arbitrary code, potentially compromising the router's integrity and allowing unauthorized access to network resources. It is essential for users of this device to apply necessary security patches and adhere to best practices to safeguard their network.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40847,https://securityvulnerability.io/vulnerability/CVE-2023-40847,Buffer Overflow Vulnerability in Tenda AC6 by Tenda,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability in the 'initIpAddrInfo' function. This issue occurs due to improper validation of user input; a parameter is passed without any length check, allowing potential attackers to exploit this flaw. Such exploitation may lead to unauthorized code execution or denial of service, posing significant risks to network security. It is essential for users of affected versions to apply necessary mitigations promptly.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40840,https://securityvulnerability.io/vulnerability/CVE-2023-40840,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability within the function 'fromGetWirelessRepeat.' This issue can allow an attacker to exploit the overflow, potentially compromising the router's functionality and security. Users of affected firmware should apply necessary updates or patches to ensure their devices remain secure against potential exploitation.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40846,https://securityvulnerability.io/vulnerability/CVE-2023-40846,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router, specifically the firmware version US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin, is susceptible to a buffer overflow vulnerability. This issue arises when the function sub_90998 is called, allowing attackers to execute arbitrary code, potentially compromising the device's functionality and security. Users are advised to monitor their devices and apply security patches to mitigate the risks associated with this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-08-28T00:00:00.000Z,0
CVE-2023-39670,https://securityvulnerability.io/vulnerability/CVE-2023-39670,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router version _US_AC6V1.0BR_V15.03.05.16 has been identified with a buffer overflow vulnerability due to improper handling of user inputs in the fgets function. This flaw could potentially allow attackers to perform unauthorized actions, leading to system instability or exploitation. It is crucial for users to apply patches or updates provided by Tenda to mitigate this risk.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002689999993890524,false,,false,false,false,,,false,false,,2023-08-18T03:15:00.000Z,0
CVE-2022-40010,https://securityvulnerability.io/vulnerability/CVE-2022-40010,Cross-Site Scripting Vulnerability in Tenda AC6 AC1200 Smart Dual-Band WiFi Router,"The Tenda AC6 AC1200 Smart Dual-Band WiFi Router version 15.03.06.50_multi features a cross-site scripting vulnerability that can be exploited through the 'deviceId' parameter within the Parental Control module. This flaw could allow an attacker to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized actions within the user’s session.",Tenda,Ac6 Firmware,5.4,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2023-06-26T00:00:00.000Z,0
CVE-2023-26976,https://securityvulnerability.io/vulnerability/CVE-2023-26976,Stack Overflow Vulnerability in Tenda AC6 Routers,"A stack overflow vulnerability exists in Tenda AC6 routers due to improper handling of the ssid parameter within the form_fast_setting_wifi_set function. This flaw could allow an attacker to exploit the vulnerable components of the router, potentially leading to unauthorized access and the execution of arbitrary code. Users are urged to check their firmware and apply any available patches to mitigate the risk posed by this vulnerability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,true,2023-04-11T11:02:48.000Z,true,false,false,,2023-04-04T02:15:00.000Z,0
CVE-2022-45651,https://securityvulnerability.io/vulnerability/CVE-2022-45651,Buffer Overflow in Tenda AC6 Router,"The Tenda AC6 router version V15.03.05.19 is vulnerable to a buffer overflow issue triggered by improper handling of the 'list' parameter in the formSetVirtualSer function. This flaw can allow attackers to exploit memory-related vulnerabilities, potentially leading to unauthorized access and manipulation of the device. Users are advised to review their device configurations and apply necessary updates to mitigate risks associated with this vulnerability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45652,https://securityvulnerability.io/vulnerability/CVE-2022-45652,Buffer Overflow in Tenda AC6 Router Product by Tenda,"The Tenda AC6 V1.0 router, specifically version V15.03.05.19, is susceptible to a buffer overflow due to improper handling of the startIp parameter within the formSetPPTPServer function. This vulnerability can potentially be exploited by an attacker to execute arbitrary code, leading to unauthorized access or disruption of services. Users of the affected firmware are advised to apply patches or updates to mitigate risks associated with this vulnerability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45657,https://securityvulnerability.io/vulnerability/CVE-2022-45657,Buffer Overflow Vulnerability in Tenda AC6 Product by Tenda,"The Tenda AC6 (V1.0 V15.03.05.19) contains a buffer overflow vulnerability that can be exploited via the 'list' parameter in the fromSetIpMacBind function. This vulnerability could allow an attacker to potentially execute arbitrary code, impacting the integrity and availability of the device. Users are advised to apply security updates and review configurations to mitigate the risk.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45649,https://securityvulnerability.io/vulnerability/CVE-2022-45649,Buffer Overflow Vulnerability in Tenda AC6 Router,"A buffer overflow has been identified in the Tenda AC6 router, specifically in the formSetPPTPServer function related to the endIp parameter. This vulnerability could allow an attacker to execute arbitrary code on the device by sending specially crafted input. Appropriate measures should be taken to protect network configurations and prevent unauthorized access.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45654,https://securityvulnerability.io/vulnerability/CVE-2022-45654,Buffer Overflow in Tenda AC6 Router from Tenda Technology,"The Tenda AC6 router, specifically version V1.0 V15.03.05.19, is susceptible to a buffer overflow vulnerability. This flaw occurs in the form_fast_setting_wifi_set function, where an inadequate validation of the 'ssid' parameter leads to potential exploitation. Attackers can exploit this vulnerability to execute arbitrary code, which may compromise the device's security and integrity. It is crucial for users to apply the latest firmware updates and follow security best practices to mitigate risks associated with this vulnerability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45660,https://securityvulnerability.io/vulnerability/CVE-2022-45660,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is affected by a buffer overflow vulnerability in the setSchedWifi function, specifically through the schedStartTime parameter. This flaw may allow an attacker to manipulate memory management and potentially execute arbitrary code, compromising the security and integrity of the device. Users are advised to update to the latest firmware version to mitigate risks associated with this vulnerability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0