cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-51812,https://securityvulnerability.io/vulnerability/CVE-2023-51812,Remote Code Execution Vulnerability in Tenda AX3 Router,"The Tenda AX3 router has been identified with a remote code execution vulnerability that can be exploited through the manipulation of the 'list' parameter found at the /goform/SetNetControlList endpoint. This security flaw allows attackers to execute arbitrary code on the affected device, potentially compromising user data and network integrity. Users are advised to update their devices to the latest firmware version to mitigate this risk.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.005859999917447567,false,,false,false,false,,,false,false,,2024-01-04T00:00:00.000Z,0
CVE-2023-49409,https://securityvulnerability.io/vulnerability/CVE-2023-49409,Command Execution Vulnerability in Tenda AX3 Router,"A command execution vulnerability has been identified in the Tenda AX3 router, specifically impacting version V16.03.12.11. This vulnerability allows unauthorized remote attackers to execute commands through the router's telnet function, potentially compromising the device and the network it serves. Users are advised to review the security implications of this vulnerability and apply necessary updates or mitigation strategies to secure their systems.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.0036700000055134296,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49408,https://securityvulnerability.io/vulnerability/CVE-2023-49408,Stack Overflow Vulnerability in Tenda AX3 Router,"A stack overflow vulnerability has been identified in the Tenda AX3 router, specifically in version V16.03.12.11. The issue occurs within the 'set_device_name' function, which can potentially be exploited by an attacker to execute arbitrary code or crash the device, leading to unauthorized access or disruption of services.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-40915,https://securityvulnerability.io/vulnerability/CVE-2023-40915,Stack Buffer Overflow in Tenda AX3 Router,"The Tenda AX3 router version 16.03.12.11 is susceptible to a stack buffer overflow vulnerability within the form_fast_setting_wifi_set function. An attacker can exploit this flaw by manipulating the ssid parameter, potentially resulting in a Denial of Service (DoS). This vulnerability poses a significant risk, allowing for interruption of service and disruption of network operations.",Tenda,Ax3 Firmware,7.5,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-08-25T00:00:00.000Z,0
CVE-2023-27042,https://securityvulnerability.io/vulnerability/CVE-2023-27042,Buffer Overflow Vulnerability in Tenda AX3 Router,"The Tenda AX3 router, specifically version V16.03.12.11, is susceptible to a buffer overflow vulnerability through the endpoint /goform/SetFirewallCfg. This flaw may allow an attacker to execute arbitrary code, leading to unauthorized access and potential manipulation of network security configurations. Users of the Tenda AX3 are advised to monitor for suspicious activity and apply any available security patches to mitigate risks.",Tenda,Ax3 Firmware,8.8,HIGH,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-03-24T00:00:00.000Z,0
CVE-2023-27239,https://securityvulnerability.io/vulnerability/CVE-2023-27239,Stack Overflow Vulnerability in Tenda AX3 Router,"The Tenda AX3 router is susceptible to a stack overflow vulnerability due to improper handling of the 'shareSpeed' parameter in the WifiGuestSet form. This flaw could allow attackers to manipulate memory space, potentially leading to unauthorized access or service disruptions. Users of the Tenda AX3 should take immediate precautions and apply security updates to mitigate risks related to this vulnerability.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2023-27240,https://securityvulnerability.io/vulnerability/CVE-2023-27240,Command Injection Vulnerability in Tenda AX3 Router,"A command injection vulnerability has been identified in the Tenda AX3 router, specifically affecting the version V16.03.12.11. This flaw arises from improper handling of the 'lanip' parameter at the '/goform/AdvSetLanip' endpoint, allowing unauthorized execution of arbitrary commands. Exploitation of this vulnerability can lead to significant security breaches, including unauthorized access and manipulation of network settings.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.030389999970793724,false,,false,false,false,,,false,false,,2023-03-15T00:00:00.000Z,0
CVE-2023-24212,https://securityvulnerability.io/vulnerability/CVE-2023-24212,Stack Overflow Vulnerability in Tenda AX3 Router,"The Tenda AX3 router has a vulnerability that allows for a stack overflow through the timeType function located in the /goform/SetSysTimeCfg endpoint. This flaw could be exploited by an attacker to potentially execute arbitrary code, resulting in unauthorized access or disruption of services. It is crucial for users of the affected Tenda AX3 model to implement security measures and apply the necessary patches to mitigate the risks associated with this vulnerability.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.00203000009059906,false,,false,false,false,,,false,false,,2023-02-23T00:00:00.000Z,0
CVE-2022-24995,https://securityvulnerability.io/vulnerability/CVE-2022-24995,Stack Overflow Vulnerability in Tenda AX3 Routers,"The Tenda AX3 router has a vulnerability in the function fromSetSysTime, which can be exploited through a malformed time parameter. This exploitation leads to a stack overflow situation, allowing attackers to disrupt services by causing the device to become unresponsive. Mitigating this vulnerability is crucial for maintaining the security and availability of the affected devices.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.003269999986514449,false,,false,false,false,,,false,false,,2022-03-10T17:46:00.000Z,0
CVE-2021-46394,https://securityvulnerability.io/vulnerability/CVE-2021-46394,Stack Buffer Overflow in Tenda-AX3 Router,"A stack buffer overflow vulnerability exists in the formSetPPTPServer function of Tenda-AX3 routers. The vulnerability arises when the function processes the 'startIp' parameter from an HTTP request without proper input validation. By exploiting this flaw, an attacker can manipulate the stack memory, allowing for potential remote code execution if they carefully construct the input data. This vulnerability underscores the importance of secure coding practices in router firmware to prevent unauthorized access and control.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.008569999597966671,false,,false,false,false,,,false,false,,2022-03-04T13:05:00.000Z,0
CVE-2021-46393,https://securityvulnerability.io/vulnerability/CVE-2021-46393,Stack Buffer Overflow in Tenda-AX3 Router,"The Tenda-AX3 router contains a stack buffer overflow vulnerability in the formSetPPTPServer function. An attacker can exploit this flaw by sending a specially crafted HTTP request to the /goform/SetPptpServerCfg endpoint, with the startIp parameter manipulated to overflow the buffer. This allows the potential for remote code execution, posing significant security risks for affected devices. Users are advised to apply updates or take preventive measures to secure their networks.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.008569999597966671,false,,false,false,false,,,false,false,,2022-03-04T13:00:17.000Z,0
CVE-2022-24142,https://securityvulnerability.io/vulnerability/CVE-2022-24142,Stack Overflow Vulnerability in Tenda AX3 Router Firmware,"The Tenda AX3 router firmware version 16.03.12.10_CN has a stack overflow vulnerability in the function responsible for setting firewall configurations. This flaw could allow an attacker to exploit the firewallEn parameter, potentially leading to a Denial of Service (DoS) condition. When triggered, it can incapacitate the router, disrupt network services, and create significant security risks for users.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:26.000Z,0
CVE-2022-24144,https://securityvulnerability.io/vulnerability/CVE-2022-24144,Command Injection Vulnerability in Tenda AX3 Router,"The Tenda AX3 v16.03.12.10_CN has a security flaw due to a command injection vulnerability in its WanParameterSetting function. This issue permits malicious actors to execute arbitrary commands by manipulating parameters such as gateway, dns1, and dns2. Attackers could exploit this vulnerability to gain unauthorized control over the device, potentially leading to severe consequences for network security. Immediate attention and remediation are essential to protect affected devices.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.012140000239014626,false,,false,false,false,,,false,false,,2022-02-04T01:33:25.000Z,0
CVE-2022-24143,https://securityvulnerability.io/vulnerability/CVE-2022-24143,Stack Overflow Vulnerability in Tenda AX3 and AX12 Products,"The Tenda AX3 and AX12 routers contain a stack overflow vulnerability within the form_fast_setting_wifi_set function, triggered by the timeZone parameter. This flaw allows an attacker to exploit the vulnerability, potentially resulting in a Denial of Service (DoS). Attackers can leverage this weakness to disrupt the normal operation of the affected devices, compelling organizations to implement immediate corrective measures.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:25.000Z,0
CVE-2022-24145,https://securityvulnerability.io/vulnerability/CVE-2022-24145,Stack Overflow Vulnerability in Tenda AX3 Router,"The Tenda AX3 router version v16.03.12.10_CN has a vulnerability that enables attackers to exploit a stack overflow in the function formWifiBasicSet. By sending specially crafted values to the security and security_5g parameters, an attacker can trigger this vulnerability, leading to a Denial of Service (DoS) condition, thereby disrupting the normal operation of the device.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:22.000Z,0
CVE-2022-24146,https://securityvulnerability.io/vulnerability/CVE-2022-24146,Stack Overflow Vulnerability Found in Tenda AX3 Router,"A stack overflow vulnerability exists in the Tenda AX3 router, specifically in the function formSetQosBand. This flaw can be exploited by attackers to trigger a Denial of Service (DoS) condition through manipulation of the list parameter. When successfully exploited, this vulnerability may render the router inoperable, disrupting network services for affected users.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:22.000Z,0
CVE-2022-24147,https://securityvulnerability.io/vulnerability/CVE-2022-24147,Stack Overflow Vulnerability in Tenda AX3 Router Products,"The Tenda AX3 Router has a stack overflow vulnerability identified in the function fromAdvSetMacMtuWan. This flaw can be exploited by attackers using the parameters wanMTU, wanSpeed, cloneType, mac, and serviceName, ultimately leading to a Denial of Service (DoS) condition. This can disrupt network connectivity and impact the usability of the affected router, making it crucial for users to be aware of the risks and apply necessary mitigations.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:21.000Z,0
CVE-2022-24148,https://securityvulnerability.io/vulnerability/CVE-2022-24148,Command Injection Vulnerability in Tenda AX3 Router,"A command injection vulnerability has been identified in the Tenda AX3 router, specifically within the mDMZSetCfg function. This flaw can be exploited by attackers through the dmzIp parameter, enabling them to execute arbitrary commands on the affected device. Users of Tenda AX3 version 16.03.12.10_CN are advised to take preventive measures to secure their networks against unauthorized access.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.012140000239014626,false,,false,false,false,,,false,false,,2022-02-04T01:33:20.000Z,0
CVE-2022-24149,https://securityvulnerability.io/vulnerability/CVE-2022-24149,Stack Overflow Vulnerability in Tenda AX3 Wireless Router,"A vulnerability has been identified in the Tenda AX3 Router, specifically in version v16.03.12.10_CN where the fromSetWirelessRepeat function is susceptible to a stack overflow. This flaw can be exploited by attackers through the wpapsk_crypto parameter, allowing them to execute a Denial of Service (DoS) attack. Organizations utilizing this product should assess their systems and apply necessary remediation measures to enhance security.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:20.000Z,0
CVE-2022-24150,https://securityvulnerability.io/vulnerability/CVE-2022-24150,Command Injection Vulnerability in Tenda AX3 Routers,"The Tenda AX3 router version v16.03.12.10_CN is susceptible to a command injection flaw in the formSetSafeWanWebMan function. By exploiting the remoteIp parameter, attackers can execute arbitrary commands, potentially compromising the security of the affected device and its network.",Tenda,Ax3 Firmware,9.8,CRITICAL,0.013340000063180923,false,,false,false,false,,,false,false,,2022-02-04T01:33:17.000Z,0
CVE-2022-24151,https://securityvulnerability.io/vulnerability/CVE-2022-24151,Stack Overflow Vulnerability in Tenda AX3 Wi-Fi Router,"The Tenda AX3 router version v16.03.12.10_CN is susceptible to a stack overflow vulnerability in the fromSetWifiGusetBasic function. This flaw can result in a Denial of Service (DoS) condition when exploited through manipulated shareSpeed parameters, potentially disrupting network availability and affecting users connected to the router. Ensuring the prompt application of patches or firmware updates is critical to mitigating risks associated with this vulnerability.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:17.000Z,0
CVE-2022-24152,https://securityvulnerability.io/vulnerability/CVE-2022-24152,Stack Overflow Vulnerability in Tenda AX3 Router,"The Tenda AX3 router version v16.03.12.10_CN is susceptible to a stack overflow vulnerability within the function fromSetRouteStatic. This flaw enables attackers to exploit the list parameter, potentially leading to a Denial of Service. Successful exploitation can disrupt device functionalities, posing risks to network security and availability.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:16.000Z,0
CVE-2022-24153,https://securityvulnerability.io/vulnerability/CVE-2022-24153,Stack Overflow Vulnerability in Tenda AX3 Router,"The Tenda AX3 router has a stack overflow vulnerability in the formAddMacfilterRule function, which can be exploited by attackers through manipulation of the devName parameter. This exploit can lead to a Denial of Service (DoS) condition, rendering the device unusable.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:15.000Z,0
CVE-2022-24154,https://securityvulnerability.io/vulnerability/CVE-2022-24154,Stack Overflow Vulnerability in Tenda AX3 Router,"The Tenda AX3 Router suffers from a stack overflow vulnerability in the formSetRebootTimer function, which can be exploited by attackers. By manipulating the rebootTime parameter, malicious actors can disrupt the device's operation, leading to a Denial of Service. This vulnerability poses a risk to users by potentially rendering their routers temporarily unusable.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:15.000Z,0
CVE-2022-24155,https://securityvulnerability.io/vulnerability/CVE-2022-24155,Heap Overflow Vulnerability in Tenda AX3 Router by Tenda,"The Tenda AX3 router version v16.03.12.10_CN contains a heap overflow vulnerability within the setSchedWifi function. This security flaw allows attackers to exploit the schedStartTime and schedEndTime parameters, potentially leading to a Denial of Service (DoS). If unmitigated, this vulnerability can disrupt the operation of the affected router, impacting users' connectivity and overall network stability. Immediate action is recommended to patch the affected version.",Tenda,Ax3 Firmware,7.5,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2022-02-04T01:33:14.000Z,0