cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-24543,https://securityvulnerability.io/vulnerability/CVE-2024-24543,Buffer Overflow Vulnerability in Tenda AC9 by Tenda Electronics,"The vulnerability allows a remote attacker to exploit a buffer overflow issue in the setSchedWifi function of Tenda AC9 version 3.0, specifically in firmware v.15.03.06.42_multi. By sending specially crafted overflow data, the attacker can trigger a denial of service or potentially execute arbitrary code on the affected device. This poses a significant risk, compromising the integrity and availability of the device and potentially allowing unauthorized access to the network.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.005400000140070915,false,,false,false,false,,,false,false,,2024-02-05T00:00:00.000Z,0
CVE-2023-40942,https://securityvulnerability.io/vulnerability/CVE-2023-40942,Stack Overflow Vulnerability in Tenda AC9 Router,"A stack overflow vulnerability was identified in the Tenda AC9 router, specifically affecting the firmware version V3.0BR_V15.03.06.42_multi_TD01. This issue arises through improper handling of the 'firewall_value' parameter in the SetFirewallCfg endpoint. Exploiting this vulnerability could allow an attacker to manipulate the firewall settings, potentially leading to unauthorized access or denial of service.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-09-07T00:00:00.000Z,0
CVE-2023-41562,https://securityvulnerability.io/vulnerability/CVE-2023-41562,Stack Overflow Vulnerability in Tenda AC Series Routers,"Multiple models in the Tenda AC series of routers have been identified with a vulnerability that allows for a stack overflow through the 'time' parameter at the /goform/PowerSaveSet URL. This flaw could enable attackers to execute arbitrary code, potentially compromising the integrity and confidentiality of the device and associated networks.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41561,https://securityvulnerability.io/vulnerability/CVE-2023-41561,Stack Overflow Vulnerability in Tenda AC9 and AC5 Routers,"The Tenda AC9 V3.0 and AC5 routers are susceptible to a stack overflow vulnerability due to improper handling of the startIp and endIp parameters in the /goform/SetPptpServerCfg URL. Attackers can exploit this flaw to execute arbitrary code or disrupt the normal functioning of the device, thereby compromising network security.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41552,https://securityvulnerability.io/vulnerability/CVE-2023-41552,Stack Overflow Vulnerability in Tenda AC7 and AC9 WiFi Routers,"A stack overflow vulnerability has been identified in Tenda AC7 and AC9 WiFi routers. The issue arises from improper handling of the 'ssid' parameter within the /goform/fast_setting_wifi_set endpoint. Attackers could exploit this vulnerability to potentially execute arbitrary code, posing a significant security risk to affected devices. Users are advised to apply available updates and implement security best practices to mitigate risks.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41560,https://securityvulnerability.io/vulnerability/CVE-2023-41560,Stack Overflow Vulnerability in Tenda AC9 Router Firmware from Tenda,"The Tenda AC9 router firmware version V15.03.06.42_multi has been found to contain a stack overflow vulnerability that can be exploited through the 'firewallEn' parameter at the /goform/SetFirewallCfg endpoint. This flaw could allow an attacker to disrupt the normal operation of the router, potentially leading to unauthorized access or denial of service. Users are advised to review their firmware versions and apply any available patches to ensure network security.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41559,https://securityvulnerability.io/vulnerability/CVE-2023-41559,Stack Overflow Vulnerability in Tenda Routers,"Tenda routers including models AC5, AC7, and AC9 were identified with a stack overflow vulnerability through the parameter page at the URL /goform/NatStaticSetting. This flaw allows an attacker to exploit the stack overflow, potentially leading to unauthorized access or system crashes. Ensuring that your routers are updated with the latest firmware is crucial to protecting them from potential threats associated with this vulnerability.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41553,https://securityvulnerability.io/vulnerability/CVE-2023-41553,Stack Overflow Vulnerability in Tenda AC9 and AC5 Products,"The vulnerability introduces a stack overflow due to improper handling of parameters in the /goform/SetStaticRouteCfg URL path. This flaw may allow attackers to exploit the system by sending specially crafted input, leading to potential unauthorized access and manipulation of the affected products. Organizations using Tenda AC9 and AC5 devices should take immediate measures to mitigate this issue.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41563,https://securityvulnerability.io/vulnerability/CVE-2023-41563,Stack Overflow Vulnerability in Tenda AC9 and AC5 Router Firmware,"A stack overflow vulnerability has been identified in the Tenda AC9 and AC5 router firmware, triggered by the 'mac' parameter in the /goform/GetParentControlInfo URL. When exploited, this vulnerability could allow attackers to cause unintended behavior in the router, potentially leading to a denial of service or unauthorized access to sensitive information. Users are advised to update their firmware to mitigate the risks associated with this vulnerability.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41556,https://securityvulnerability.io/vulnerability/CVE-2023-41556,Stack Overflow Vulnerability in Tenda AC Series Routers,"Certain Tenda AC series routers, specifically AC7, AC9, and AC5, are susceptible to a stack overflow flaw that can be triggered by malformed parameter lists at the '/goform/SetIpMacBind' URL. This vulnerability opens a potential entry point for attackers to execute malicious code or disrupt the normal operation of the device. It is essential for users of affected models to apply any available security updates and review best practices for securing their network devices.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-41554,https://securityvulnerability.io/vulnerability/CVE-2023-41554,Stack Overflow Vulnerability in Tenda AC9 Router by Tenda,"The Tenda AC9 router version V15.03.06.42_multi contains a vulnerability that allows an attacker to exploit a stack overflow through improperly validated parameters in the wpapsk_crypto setting at the /goform/WifiExtraSet URL. This flaw can potentially be leveraged to gain unauthorized access to sensitive network functionalities, compromising the security and integrity of the device and the network it operates within.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.001970000099390745,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2022-36571,https://securityvulnerability.io/vulnerability/CVE-2022-36571,Stack Overflow Vulnerability in Tenda AC9 Router,"The Tenda AC9 router is susceptible to a stack overflow due to improper handling of the 'mask' parameter in the '/goform/WanParameterSetting' endpoint. Exploiting this vulnerability can lead to unauthorized access and control over the device, compromising the security of the network. Users are urged to update their firmware to mitigate potential risks associated with this vulnerability.",Tenda,Ac9 Firmware,7.2,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-08-31T19:03:27.000Z,0
CVE-2022-36570,https://securityvulnerability.io/vulnerability/CVE-2022-36570,Stack Overflow Vulnerability in Tenda AC9 by Tenda,"The Tenda AC9 router, specifically version V15.03.05.19, is susceptible to a stack overflow vulnerability triggered by the 'time' parameter in the SetLEDCfg function. Exploiting this flaw could potentially allow attackers to execute arbitrary code, compromising the device's security and operation. It is crucial for users to be aware of this issue and apply available security updates to mitigate the risks associated with this vulnerability.",Tenda,Ac9 Firmware,7.2,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-08-31T19:03:26.000Z,0
CVE-2022-36569,https://securityvulnerability.io/vulnerability/CVE-2022-36569,Stack Overflow Vulnerability in Tenda AC9 Router Software,"A stack overflow vulnerability has been identified in Tenda AC9 routers, specifically in the deviceList parameter at /goform/setMacFilterCfg. This flaw can potentially be exploited by sending specially crafted requests, leading to unauthorized access and system instability. Users are advised to update their devices to the latest firmware version to mitigate this risk.",Tenda,Ac9 Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-08-31T19:03:25.000Z,0
CVE-2022-36568,https://securityvulnerability.io/vulnerability/CVE-2022-36568,Stack Overflow Vulnerability in Tenda AC9 Router,"A stack overflow vulnerability has been identified in the Tenda AC9 router, specifically affecting version V15.03.05.19. This security flaw arises from improper handling of the list parameter at the /goform/setPptpUserList endpoint, allowing an attacker to exploit the overflow and potentially execute arbitrary code on the device. If left unaddressed, this vulnerability poses significant risks to the device's integrity and could lead to unauthorized access or disruption.",Tenda,Ac9 Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2022-08-31T19:03:24.000Z,0
CVE-2022-36233,https://securityvulnerability.io/vulnerability/CVE-2022-36233,Buffer Overflow Vulnerability in Tenda AC9 Router,"The Tenda AC9 Router, specifically the version V15.03.2.13, is susceptible to a buffer overflow vulnerability through the httpd service at the form_fast_setting_wifi_set endpoint. This flaw could potentially allow an attacker to execute arbitrary code, compromising the integrity of the device and disrupting its normal operation. Users of the Tenda AC9 are urged to apply relevant patches and firmware updates to mitigate the associated risks.",Tenda,Ac9 Firmware,5.5,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2022-08-19T21:31:12.000Z,0
CVE-2022-36273,https://securityvulnerability.io/vulnerability/CVE-2022-36273,Command Injection in Tenda AC9 Router Firmware,"The Tenda AC9 router firmware, specifically version V15.03.2.21_cn, is susceptible to a command injection vulnerability that can be exploited through the goform/SetSysTimeCfg endpoint. This allows attackers to execute arbitrary commands on the underlying system, potentially leading to unauthorized access and control of the device. Users are advised to update their firmware to mitigate the risk associated with this vulnerability.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.00901000015437603,false,,false,false,false,,,false,false,,2022-08-16T12:43:35.000Z,0
CVE-2021-42659,https://securityvulnerability.io/vulnerability/CVE-2021-42659,Buffer Overflow Vulnerability in Tenda AC9 Routers,"A buffer overflow vulnerability exists in the httpd web server of Tenda AC9 router models. This issue arises when a super-long list parameter is set during virtual service configuration, which causes the httpd program to crash unexpectedly. This can result in loss of service and potential unauthorized access to the device.",Tenda,Ac9 Firmware,6.5,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2022-05-24T11:41:53.000Z,0
CVE-2022-28560,https://securityvulnerability.io/vulnerability/CVE-2022-28560,Stack Overflow Vulnerability in Tenda AC9 Router by Tenda,"A stack overflow vulnerability exists in the goform/fast_setting_wifi_set function within the httpd service of the Tenda AC9 router. This vulnerability allows an attacker to execute a carefully crafted payload that can lead to unauthorized access through a stable shell, enabling potential exploitation of the device.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2022-05-03T15:20:33.000Z,0
CVE-2022-27022,https://securityvulnerability.io/vulnerability/CVE-2022-27022,Stack Overflow Vulnerability in Tenda AC9 HTTP Service,"A stack overflow vulnerability exists in the SetSysTimeCfg() function of the httpd service in the Tenda AC9. This vulnerability can allow an attacker to craft a payload that compromises the system, potentially granting them a stable root shell and full control over the affected device.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2022-04-07T15:02:46.000Z,0
CVE-2022-27016,https://securityvulnerability.io/vulnerability/CVE-2022-27016,Stack Overflow Vulnerability in Tenda AC9 HTTP Service,"A stack overflow vulnerability exists in the SetStaticRouteCfg() function of the httpd service within the Tenda AC9 device. This flaw could potentially allow remote attackers to execute arbitrary code or cause a denial of service, compromising the security and functionality of the device. Users of Tenda AC9 are advised to review their configurations and apply any relevant security updates to mitigate these risks.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2022-04-07T14:20:03.000Z,0
CVE-2022-26278,https://securityvulnerability.io/vulnerability/CVE-2022-26278,Stack Overflow Vulnerability in Tenda AC9 Router,"A stack overflow vulnerability has been identified in the Tenda AC9 router, specifically in the time parameter used within the PowerSaveSet function. This flaw could potentially allow attackers to execute unauthorized commands, compromising the integrity and security of the device. Users are advised to review their firmware version and ensure they are running the latest updates to mitigate exposure to this vulnerability.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.003269999986514449,false,,false,false,false,,,false,false,,2022-03-28T20:58:32.000Z,0
CVE-2022-25441,https://securityvulnerability.io/vulnerability/CVE-2022-25441,Remote Command Execution Vulnerability in Tenda AC9 Router,"The Tenda AC9 router, specifically version 15.03.2.21, is vulnerable to a remote command execution issue. This flaw arises when manipulating the vlanid parameter within the SetIPTVCfg function, allowing attackers to execute arbitrary commands on the affected device remotely. This vulnerability poses a significant risk as it can be exploited by unauthorized users to gain control over the device and potentially access sensitive information.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.03545999899506569,false,,false,false,false,,,false,false,,2022-03-18T20:53:13.000Z,0
CVE-2022-25440,https://securityvulnerability.io/vulnerability/CVE-2022-25440,Stack Overflow Vulnerability in Tenda AC9 Router,"The Tenda AC9 router, specifically version 15.03.2.21, has been identified to possess a stack overflow vulnerability within the ntpserver parameter of the SetSysTimeCfg function. This flaw allows for potential exploitation, enabling attackers to execute arbitrary code, thereby compromising the device's integrity and security. Users of the Tenda AC9 should ensure they are aware of this issue and take necessary measures to secure their devices against unauthorized access.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.003269999986514449,false,,false,false,false,,,false,false,,2022-03-18T20:53:12.000Z,0
CVE-2022-25438,https://securityvulnerability.io/vulnerability/CVE-2022-25438,Remote Command Execution Vulnerability in Tenda AC9 by Tenda,"The Tenda AC9 version 15.03.2.21 has been identified with a remote command execution vulnerability in the SetIPTVCfg function. This flaw allows an attacker to execute arbitrary commands remotely, potentially compromising the integrity and confidentiality of the device. Users of the Tenda AC9 should take immediate steps to secure their devices by applying available patches or updates to mitigate this risk.",Tenda,Ac9 Firmware,9.8,CRITICAL,0.03545999899506569,false,,false,false,false,,,false,false,,2022-03-18T20:53:11.000Z,0