cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-4497,https://securityvulnerability.io/vulnerability/CVE-2024-4497,Buffer Overflow Vulnerability in Tenda i21 Device,"A critical vulnerability has been identified in the Tenda i21 router, specifically in version 1.0.0.14. This security flaw is associated with the 'formexeCommand' function where improper handling of the 'cmdinput' argument can lead to a stack-based buffer overflow. Attackers can exploit this vulnerability remotely, potentially allowing them to execute arbitrary code on the affected device. Despite the early notification of the vulnerability to the vendor, Tenda has not provided any response. Users of the Tenda i21 should take immediate precautions to secure their systems against potential exploitation.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-05-05T05:31:04.000Z,true,false,false,,2024-05-05T06:31:04.218Z,0
CVE-2024-4496,https://securityvulnerability.io/vulnerability/CVE-2024-4496,Stack-based Buffer Overflow Vulnerability in Tenda i21,"A significant vulnerability in the Tenda i21 router has been identified that can lead to a stack-based buffer overflow. This flaw is associated with the function 'formWifiMacFilterSet', where manipulation of the 'ssidIndex' argument creates an exploitable condition. The vulnerability allows for remote execution and has been publicly disclosed, raising concerns over the security of devices utilizing this firmware version. Users are urged to be aware of the potential risks and the necessity of applying appropriate security measures.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-05-05T05:00:06.000Z,true,false,false,,2024-05-05T06:00:06.060Z,0
CVE-2024-4495,https://securityvulnerability.io/vulnerability/CVE-2024-4495,Stack-Based Buffer Overflow in Tenda i21 Router Model,"A critical vulnerability has been identified in the Tenda i21 router, specifically in the function 'formWifiMacFilterGet'. This vulnerability can be exploited by manipulating the argument index, which leads to a stack-based buffer overflow. This security flaw allows for remote attacks, posing a substantial risk to users' network integrity. Despite early disclosure attempts to the vendor, Tenda has not responded. As attackers may leverage this vulnerability, it is crucial for users of the affected version (1.0.0.14) to take immediate action to secure their devices and networks.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-05-05T04:31:04.000Z,true,false,false,,2024-05-05T05:31:04.418Z,0
CVE-2024-4494,https://securityvulnerability.io/vulnerability/CVE-2024-4494,Stack-based Buffer Overflow in Tenda i21 Router,"A significant vulnerability has been identified in the Tenda i21 router, particularly in the function formSetUplinkInfo located in the /goform/setUplinkInfo file. This vulnerability allows for a stack-based buffer overflow, triggered by the manipulation of the pingHostIp2 argument. As a result, this vulnerability poses a severe risk as it can be exploited remotely, allowing attackers to execute arbitrary code or take control of the affected device. Despite notifications sent to the vendor regarding this critical issue, there has been no response. Users of Tenda i21 routers, especially version 1.0.0.14(4656), are advised to take immediate precautions to secure their devices against potential exploits.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-05-05T04:00:04.000Z,true,false,false,,2024-05-05T05:00:04.554Z,0
CVE-2024-4493,https://securityvulnerability.io/vulnerability/CVE-2024-4493,Stack-Based Buffer Overflow in Tenda i21 Products,"A critical vulnerability has been identified in the Tenda i21 product version 1.0.0.14, specifically within the formSetAutoPing function. This vulnerability is characterized by a stack-based buffer overflow triggered by improper handling of user-supplied arguments ping1 and ping2. An attacker can exploit this vulnerability remotely, potentially allowing unauthorized access or control over the affected device. Despite prior notifications to the vendor, Tenda has not responded to concerns about this exploit, raising significant risks for users relying on this device in their networks. Immediate attention and mitigation are advised to protect against potential attacks.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-05-05T02:00:04.000Z,true,false,false,,2024-05-05T03:00:04.998Z,0
CVE-2024-4492,https://securityvulnerability.io/vulnerability/CVE-2024-4492,Stack-Based Buffer Overflow in Tenda i21 Router Product,"A significant vulnerability exists in the Tenda i21 router, specifically within the 'formOfflineSet' function found in the '/goform/setStaOffline' file. An issue arises due to improper handling of the 'GO/ssidIndex' argument, leading to a stack-based buffer overflow. This flaw can be exploited remotely, allowing attackers to potentially execute arbitrary code or affect the device's operational integrity. This critical vulnerability was disclosed publicly, raising concerns about the security of affected products. Users of the Tenda i21 are urged to be aware of this security risk and to apply necessary mitigations.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-05-04T23:31:04.000Z,true,false,false,,2024-05-05T00:31:04.263Z,0
CVE-2024-4491,https://securityvulnerability.io/vulnerability/CVE-2024-4491,Stack-Based Buffer Overflow Vulnerability in Tenda i21 Product,"A significant security flaw has been identified in the Tenda i21 product, specifically in version 1.0.0.14(4656). This vulnerability stems from a stack-based buffer overflow in the 'formGetDiagnoseInfo' function triggered by improper manipulation of the 'cmdinput' argument. Attackers can exploit this flaw remotely, exposing the system to potential unauthorized access and control. Despite early disclosures to Tenda regarding this vulnerability, the vendor has not responded, raising concerns about the timeliness of any potential fixes or mitigations.",Tenda,I21 Firmware,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-05-05T00:15:00.000Z,0
CVE-2024-4251,https://securityvulnerability.io/vulnerability/CVE-2024-4251,Stack-based Buffer Overflow in Tenda i21 Router,"A critical vulnerability has been discovered in the Tenda i21 router, specifically in the 'fromDhcpSetSer' function within the '/goform/DhcpSetSe' URL endpoint. This flaw can be exploited through stack-based buffer overflow via manipulation of various DHCP parameters, including dhcpStartIp, dhcpEndIp, dhcpGw, dhcpMask, dhcpLeaseTime, dhcpDns1, and dhcpDns2. As attackers could exploit this vulnerability remotely, it poses a substantial threat to device security and user data integrity. Despite the disclosure of this vulnerability to the vendor, no response or remedy has been provided, underscoring the urgency for users to secure their devices against potential exploits. For further details, consult the [VDB-262142 entry](https://vuldb.com/?id.262142) or related resources.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-04-27T12:00:08.000Z,true,false,false,,2024-04-27T13:00:08.629Z,0
CVE-2024-4250,https://securityvulnerability.io/vulnerability/CVE-2024-4250,Stack-based Buffer Overflow in Tenda i21 Wi-Fi Router,"A severe stack-based buffer overflow vulnerability has been identified in the Tenda i21 Wi-Fi router, specifically within the 'formwrlSSIDset' function located in the '/goform/wifiSSIDset' file. This vulnerability arises from improper handling of the 'ssidIndex' argument, which could allow an attacker to execute arbitrary code remotely. The exploit has been made public, increasing the potential risk for users. Notably, attempts to alert the vendor about this issue have gone unanswered, emphasizing the urgency for users to take preventive measures to secure their devices.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-04-27T11:00:06.000Z,true,false,false,,2024-04-27T12:00:06.348Z,0
CVE-2024-4249,https://securityvulnerability.io/vulnerability/CVE-2024-4249,Stack-Based Buffer Overflow in Tenda i21 WiFi Router,"A critical vulnerability has been identified in the Tenda i21 WiFi Router, specifically in the function handling WiFi SSID retrieval (/goform/wifiSSIDget). The issue arises from improper validation of the 'ssidIndex' argument, which can lead to a stack-based buffer overflow. This flaw allows an attacker to execute arbitrary code remotely, posing significant risk to users if exploited. Despite early notification to the vendor, no response has been received, indicating a potential lack of support for security issues. It is vital for users of the affected product to remain vigilant and apply any available security patches.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,true,2024-04-27T10:31:05.000Z,true,false,false,,2024-04-27T11:31:05.162Z,0
CVE-2024-4248,https://securityvulnerability.io/vulnerability/CVE-2024-4248,Stack-Based Buffer Overflow in Tenda i21 Router,"A significant security vulnerability has been identified in the Tenda i21 router, specifically affecting version 1.0.0.14(4656). This vulnerability lies within the function formQosManage_user, where improper handling of the ssidIndex argument can lead to a stack-based buffer overflow. This may allow an attacker to execute arbitrary code or crash the device, and the exploitation can be performed remotely, posing a severe risk to users' networks. Despite attempts to notify the vendor, Tenda has not responded regarding any mitigation steps. It is crucial for users to be aware of this issue and to apply necessary security measures to protect their devices.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-27T10:31:04.307Z,0
CVE-2024-4247,https://securityvulnerability.io/vulnerability/CVE-2024-4247,Stack-Based Buffer Overflow in Tenda i21 Router Firmware,"A significant vulnerability has been discovered in the Tenda i21 router, specifically within its function call 'formQosManage_auto'. This flaw allows for a stack-based buffer overflow that can be exploited remotely. By manipulating the argument 'ssidIndex', an attacker could potentially execute arbitrary code, leading to unauthorized access or control over the device. This vulnerability emphasizes the importance of vendor responsiveness, as Tenda has yet to provide a patch or comment upon disclosure.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-27T09:31:04.549Z,0
CVE-2024-4246,https://securityvulnerability.io/vulnerability/CVE-2024-4246,Stack-Based Buffer Overflow in Tenda i21,"A serious stack-based buffer overflow vulnerability is present in the Tenda i21 device, specifically affecting version 1.0.0.14. The vulnerability arises in the function formQosManageDouble_auto due to improper handling of the ssidIndex argument. This weakness allows an attacker to exploit the device remotely, potentially leading to unauthorized access and execution of arbitrary code. Despite proactive outreach, the vendor has not responded to notifications regarding this security concern. It is imperative for users of the affected product to apply mitigative measures to safeguard their devices.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-27T08:31:05.312Z,0
CVE-2024-4245,https://securityvulnerability.io/vulnerability/CVE-2024-4245,Stack-Based Buffer Overflow in Tenda i21 Router,"A critical vulnerability has been uncovered in the Tenda i21 router, specifically involving a stack-based buffer overflow in the formQosManageDouble_user function. This vulnerability arises from the improper handling of the ssidIndex argument, enabling an attacker to exploit the issue remotely. Successful exploitation allows an attacker to potentially execute arbitrary code, compromising device security. Despite attempts to inform Tenda Technology about this serious security flaw, there has been no response from the vendor, which raises concerns about timely patch management and user safety. Organizations using the affected version of Tenda i21 should prioritize updates and consider additional security measures to mitigate risk.",Tenda,I21,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-27T07:31:04.745Z,0
CVE-2022-44366,https://securityvulnerability.io/vulnerability/CVE-2022-44366,Buffer Overflow Vulnerability in Tenda i21 Router,"The Tenda i21 router, version V1.0.0.14, is susceptible to a buffer overflow vulnerability that occurs through the /goform/setDiagnoseInfo endpoint. This vulnerability could allow an attacker to execute arbitrary code or potentially gain unauthorized access to network resources, elevating the risk associated with the affected device. Remediation measures should be undertaken immediately to protect network integrity.",Tenda,I21 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-44367,https://securityvulnerability.io/vulnerability/CVE-2022-44367,Buffer Overflow Vulnerability in Tenda i21 Router Firmware,"The Tenda i21 router, specifically version V1.0.0.14, is affected by a buffer overflow vulnerability that can be exploited through the '/goform/setUplinkInfo' endpoint. This security flaw allows an attacker to potentially execute arbitrary code by sending crafted input to the affected function. Users of the Tenda i21 should take immediate action to secure their devices by applying available patches and monitoring for suspicious activity.",Tenda,I21 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-44365,https://securityvulnerability.io/vulnerability/CVE-2022-44365,Stack Overflow Vulnerability in Tenda i21 Product,The Tenda i21 device suffers from a stack overflow vulnerability that occurs through the /goform/setSysPwd endpoint. This vulnerability can be exploited by attackers to gain unauthorized access and potentially compromise system integrity. It is crucial for users of the affected version to implement patches and follow best security practices to mitigate risks associated with this vulnerability.,Tenda,I21 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-44363,https://securityvulnerability.io/vulnerability/CVE-2022-44363,Buffer Overflow Vulnerability in Tenda i21 Router,"The Tenda i21 router version V1.0.0.14 is susceptible to a buffer overflow vulnerability through the endpoint /goform/setSnmpInfo. This weakness could potentially allow an attacker to execute arbitrary code or cause a denial of service by manipulating the input parameters, thereby disrupting the normal operation of the device. Users are advised to monitor their systems and apply necessary patches to mitigate potential risks.",Tenda,I21 Firmware,9.8,CRITICAL,0.0021800000686198473,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-44362,https://securityvulnerability.io/vulnerability/CVE-2022-44362,Buffer Overflow Vulnerability in Tenda i21 by Tenda,"The Tenda i21 router version 1.0.0.14 is exposed to a buffer overflow vulnerability via the /goform/AddSysLogRule endpoint. This security flaw can allow remote attackers to execute arbitrary code or crash the affected device, potentially compromising the network security. Proper validation of user input is critical to mitigate risks associated with this vulnerability.",Tenda,I21 Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0