cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-50854,https://securityvulnerability.io/vulnerability/CVE-2024-50854,Stack Overflow Vulnerability in Tenda G3 from Tenda,"A stack overflow vulnerability has been found in Tenda G3 v3.0 v15.11.0.20 through the formSetPortMapping function. This flaw can potentially allow an attacker to execute arbitrary code or disrupt the normal operation of the device, raising significant security concerns for users relying on this product for secure networking. Proper mitigations and patches are required to safeguard against potential exploitation.",Tenda,G3 Firmware,8.8,HIGH,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-11-13T15:15:00.000Z,0
CVE-2024-50853,https://securityvulnerability.io/vulnerability/CVE-2024-50853,Command Injection Vulnerability in Tenda G3 Router Firmware,"The Tenda G3 router running firmware version 3.0 v15.11.0.20 contains a command injection vulnerability within the formSetDebugCfg function. This flaw allows an attacker to inject arbitrary commands into the system, which could lead to unauthorized access and manipulation of device configurations. Such vulnerabilities pose significant risks, potentially enabling attackers to execute harmful commands that could compromise the router’s integrity and the security of the network it supports. Users of Tenda G3 routers are advised to review their device settings and apply any available security updates to mitigate the risks associated with this vulnerability.",Tenda,G3 Firmware,8.8,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2024-11-13T15:15:00.000Z,0
CVE-2024-50852,https://securityvulnerability.io/vulnerability/CVE-2024-50852,Command Injection Vulnerability in Tenda G3 Router,"The Tenda G3 v3.0 v15.11.0.20 is vulnerable to a command injection issue through the formSetUSBPartitionUmount function. This vulnerability may allow attackers to execute arbitrary commands on the router, compromising the integrity and availability of the device. Proper remediation mechanisms should be considered to ensure device security and protect against unauthorized access.",Tenda,G3 Firmware,8.8,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2024-11-13T15:15:00.000Z,0
CVE-2024-46628,https://securityvulnerability.io/vulnerability/CVE-2024-46628,Remote Code Execution Vulnerability in Tenda G3 Router by Tenda,"The Tenda G3 Router firmware v15.03.05.05 has been identified as having a serious vulnerability that allows remote code execution. Specifically, the issue originates from improper handling of the usbPartitionName parameter in the formSetUSBPartitionUmount function. This flaw can potentially allow attackers to exploit the router, compromising security and enabling unauthorized access to sensitive data or network functionality.",Tenda,G3 Firmware,9.8,CRITICAL,0.0010900000343099236,false,,false,false,false,,,false,false,,2024-09-26T00:00:00.000Z,0
CVE-2024-8224,https://securityvulnerability.io/vulnerability/CVE-2024-8224,Stack-Based Buffer Overflow in Tenda G3 Router Firmware,"A serious stack-based buffer overflow vulnerability has been discovered in the Tenda G3 router firmware (version 15.11.0.20). This flaw exists in the formSetDebugCfg function within the /goform/setDebugCfg file, where improper handling of the enable, level, or module arguments can lead to potential exploitation. Attackers can exploit this vulnerability remotely, risking the safety of the device and data. Despite early notification to the vendor regarding this issue, there has been no response or patch provided, increasing the urgency for users to be aware of this risk and take appropriate measures to secure their devices.",Tenda,G3 Firmware,9.8,CRITICAL,0.003530000103637576,false,,false,false,false,,,false,false,,2024-08-27T23:15:00.000Z,0
CVE-2022-36586,https://securityvulnerability.io/vulnerability/CVE-2022-36586,Buffer Overflow Vulnerability in Tenda G3 Router,"The Tenda G3 router is affected by a buffer overflow vulnerability originating from the improper use of the 'strcpy' function in the HTTP daemon (httpd). This flaw can potentially allow an attacker to execute arbitrary code through crafted requests aimed at the vulnerable function, compromising the device's integrity and security. Users are encouraged to apply available patches and follow best security practices to mitigate risks associated with this vulnerability.",Tenda,G3 Firmware,9.8,CRITICAL,0.0021899999119341373,false,,false,false,false,,,false,false,,2022-09-08T00:15:00.000Z,0
CVE-2022-36585,https://securityvulnerability.io/vulnerability/CVE-2022-36585,Buffer Overflow Vulnerability in Tenda G3 Router,"A buffer overflow vulnerability exists in the Tenda G3 Router’s httpd binary, specifically within the addDhcpRule function. This flaw is triggered by improper handling of input data using the sscanf function. Successful exploitation can lead to unauthorized access or potentially compromise the router’s operation, impacting the overall network security.",Tenda,G3 Firmware,9.8,CRITICAL,0.0021899999119341373,false,,false,false,false,,,false,false,,2022-09-07T23:15:00.000Z,0
CVE-2022-36587,https://securityvulnerability.io/vulnerability/CVE-2022-36587,Buffer Overflow Vulnerability in Tenda G3 Router,"A buffer overflow vulnerability exists in the Tenda G3 router due to improper handling of input in the sprintf function within the httpd binary. This vulnerability could allow an attacker to execute arbitrary code or disrupt the normal operation of the device. Users are advised to review the affected versions and apply any available patches to mitigate potential risks. For further details and updates, refer to official resources.",Tenda,G3 Firmware,9.8,CRITICAL,0.0021899999119341373,false,,false,false,false,,,false,false,,2022-09-07T16:31:12.000Z,0
CVE-2022-36584,https://securityvulnerability.io/vulnerability/CVE-2022-36584,Buffer Overflow Vulnerability in Tenda G3 Router Firmware,"The Tenda G3 router experiences a vulnerability due to a buffer overflow in the getsinglepppuser function, primarily caused by improper handling of user input through the sscanf function. This flaw could allow attackers to execute arbitrary code, potentially compromising the security and functionality of the device. Users of the affected firmware version should take immediate precautions to mitigate risks associated with this vulnerability.",Tenda,G3 Firmware,9.8,CRITICAL,0.003640000009909272,false,,false,false,false,,,false,false,,2022-09-06T16:50:08.000Z,0