cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10750,https://securityvulnerability.io/vulnerability/CVE-2024-10750,Remote Vulnerability in Tenda i22 Could Lead to Null Pointer Dereference,A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.,Tenda,I22,6.5,MEDIUM,0.0012000000569969416,false,,false,false,true,2024-11-04T01:00:07.000Z,true,false,false,,2024-11-04T01:00:07.611Z,0
CVE-2024-7584,https://securityvulnerability.io/vulnerability/CVE-2024-7584,Tenda i22 Buffer Overflow Vulnerability Ignored by Vendor,"A serious buffer overflow vulnerability has been identified in the Tenda i22 product, specifically within the formApPortalPhoneAuth function found in the /goform/apPortalPhoneAuth file. This issue allows for remote manipulation of the argument data, potentially enabling attackers to execute exploits from a distance. The vulnerability was publicly disclosed, emphasizing the necessity for users to apply immediate security measures. Despite early notifications to Tenda regarding this vulnerability, there has been no response, raising concerns about the timeliness of their security updates and the overall safety of their user base.",Tenda,I22 Firmware,9.8,CRITICAL,0.002940000034868717,false,,false,false,false,,,false,false,,2024-08-07T17:15:00.000Z,0
CVE-2024-7585,https://securityvulnerability.io/vulnerability/CVE-2024-7585,Buffer Overflow Vulnerability in Tenda i22 Networking Device,"A serious buffer overflow vulnerability has been discovered in the Tenda i22 networking device, specifically in the formApPortalWebAuth function located at /goform/apPortalAuth. This vulnerability allows attackers to exploit the arguments webUserName and webUserPassword to manipulate memory allocation, leading to potential arbitrary code execution. The attack can be executed remotely, exposing users to significant risk. Despite early notification to Tenda regarding this security flaw, there has been no response from the vendor. It is crucial for users of the affected product to apply necessary mitigation measures to safeguard their devices.",Tenda,I22 Firmware,9.8,CRITICAL,0.002940000034868717,false,,false,false,false,,,false,false,,2024-08-07T17:15:00.000Z,0
CVE-2024-7582,https://securityvulnerability.io/vulnerability/CVE-2024-7582,Buffer Overflow Vulnerability in Tenda i22 Router,"A critical buffer overflow vulnerability has been identified in the Tenda i22 router, specifically in the form processing function 'formApPortalAccessCodeAuth'. This vulnerability arises due to improper handling of the 'accessCode' parameter, allowing remote attackers to exploit the overflow condition by sending crafted requests. The affected version is Tenda i22 1.0.0.3(4687). Successful exploitation could lead to unauthorized access and potential complete control over the device. The vendor has been informed about the issue but has not responded or issued a patch, raising concerns for IoT security users.",Tenda,I22 Firmware,9.8,CRITICAL,0.002940000034868717,false,,false,false,false,,,false,false,,2024-08-07T16:15:00.000Z,0
CVE-2024-7583,https://securityvulnerability.io/vulnerability/CVE-2024-7583,Vulnerability in Tenda i22 1.0.0.3(4687) Could Lead to Remote Buffer Overflow,"A buffer overflow vulnerability has been identified in the Tenda i22, specifically within the apPortalOneKeyAuth function. The flaw arises from improper handling of the argument data within the /goform/apPortalOneKeyAuth file, allowing attackers to exploit the vulnerability remotely. If successfully exploited, this can lead to potential unauthorized manipulation or access to the device. Despite efforts to notify the vendor regarding this serious issue, there has been no response, heightening the urgency for affected users to seek immediate remediation.",Tenda,I22 Firmware,9.8,CRITICAL,0.002940000034868717,false,,false,false,false,,,false,false,,2024-08-07T16:15:00.000Z,0
CVE-2024-4252,https://securityvulnerability.io/vulnerability/CVE-2024-4252,Buffer Overflow Vulnerability in Tenda i22 Router,"A serious stack-based buffer overflow vulnerability has been identified in the Tenda i22 router's formSetUrlFilterRule function. This vulnerability allows remote attackers to manipulate the groupIndex argument, potentially leading to system instability or malicious code execution. Users of the affected version, 1.0.0.3(4687), are urged to implement appropriate security measures and monitor for any suspicious activities. Despite early contact with Tenda regarding this vulnerability, the vendor has not provided a response or patch, highlighting the need for immediate user action. For detailed indicators of compromise and further technical insights, refer to the comprehensive resources linked below.",Tenda,I22,8.8,HIGH,0.0022100000642240047,false,,false,false,false,,,false,false,,2024-04-27T13:31:04.906Z,0
CVE-2022-45666,https://securityvulnerability.io/vulnerability/CVE-2022-45666,Buffer Overflow Vulnerability in Tenda i22 by Tenda,"The Tenda i22 device has been found to have a vulnerability that allows for a buffer overflow through the 'list' parameter in the 'formwrlSSIDset' function. This flaw could potentially be exploited by an attacker to execute arbitrary code or disrupt normal operations, posing serious risks to network integrity and security.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-20T00:00:00.000Z,0
CVE-2022-45665,https://securityvulnerability.io/vulnerability/CVE-2022-45665,Buffer Overflow in Tenda I22 Router by Tenda,"A vulnerability has been detected in the Tenda I22 router, specifically in version V1.0.0.3. The issue arises due to a buffer overflow condition in the formSetCfm function, triggered by the funcpara1 parameter. This flaw could potentially allow attackers to exploit the router, leading to unauthorized access or manipulation of sensitive data. It's crucial for users to be aware of this vulnerability and apply any available patches or mitigation strategies.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-20T00:00:00.000Z,0
CVE-2022-45671,https://securityvulnerability.io/vulnerability/CVE-2022-45671,Buffer Overflow Vulnerability in Tenda i22 by Tenda,"The Tenda i22, specifically version V1.0.0.3(4687), is susceptible to a buffer overflow vulnerability. This occurs through manipulation of the appData parameter within the formSetAppFilterRule function. Exploiting this vulnerability could lead to undesirable consequences, including unauthorized access and potential system compromise.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45664,https://securityvulnerability.io/vulnerability/CVE-2022-45664,Buffer Overflow Vulnerability in Tenda i22 Wi-Fi Access Point,"The Tenda i22 Wi-Fi access point is susceptible to a buffer overflow vulnerability due to improper handling of the 'list' parameter in the formwrlSSIDget function. This flaw can potentially allow an attacker to execute arbitrary code, leading to unauthorized access and compromise of the device's integrity. Proper mitigation measures should be taken to secure the device from exploitation.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45667,https://securityvulnerability.io/vulnerability/CVE-2022-45667,Cross Site Request Forgery in Tenda i22 by Tenda,"The Tenda i22 V1.0.0.3(4687) is susceptible to a Cross Site Request Forgery (CSRF) attack via the fromSysToolRestoreSet function. This vulnerability could allow an attacker to exploit the device by sending unauthorized requests, potentially compromising its configuration and controls. Users should apply security best practices and monitor for unusual activity to mitigate risks.",Tenda,I22 Firmware,6.5,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45668,https://securityvulnerability.io/vulnerability/CVE-2022-45668,Cross Site Request Forgery Vulnerability in Tenda i22 Router,"The Tenda i22 router version V1.0.0.3(4687) is susceptible to Cross Site Request Forgery (CSRF) attacks through the 'fromSysToolReboot' function. This vulnerability allows an attacker to execute unauthorized commands on behalf of the user without their consent or knowledge. Consequently, it poses a significant risk to the device's security and the data residing within the router.",Tenda,I22 Firmware,6.5,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45669,https://securityvulnerability.io/vulnerability/CVE-2022-45669,Buffer Overflow Vulnerability in Tenda i22 by Tenda,"A buffer overflow vulnerability exists in the Tenda i22 device, specifically within the formWifiMacFilterGet function that utilizes the index parameter. An attacker could exploit this vulnerability to execute arbitrary code by sending crafted requests, potentially compromising the device and the network it operates on.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45670,https://securityvulnerability.io/vulnerability/CVE-2022-45670,Buffer Overflow Vulnerability in Tenda i22 by Tenda,"The Tenda i22 router version V1.0.0.3 has been found to have a vulnerability that allows a buffer overflow condition. This issue arises specifically through the ping1 parameter in the formSetAutoPing function. An attacker could exploit this vulnerability to execute arbitrary code, potentially compromising the device's security. It is crucial for users of the affected product to apply patches or updates promptly to mitigate any risks associated with this vulnerability.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45663,https://securityvulnerability.io/vulnerability/CVE-2022-45663,Buffer Overflow in Tenda i22 Router Firmware,"The Tenda i22 router contains a security weakness that allows for a buffer overflow via the index parameter in the formWifiMacFilterSet function. This vulnerability may be exploited to disrupt the normal functioning of the device or execute arbitrary code, posing potential risks to connected networks and devices. Users are urged to take protective measures and apply any available updates promptly.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45672,https://securityvulnerability.io/vulnerability/CVE-2022-45672,Buffer Overflow Vulnerability in Tenda i22 Router,"A buffer overflow vulnerability has been identified in Tenda i22 routers, specifically in the formWx3AuthorizeSet function. This flaw can potentially allow an attacker to execute arbitrary code or disrupt service, posing a risk to the integrity and availability of devices connected to the network. Users are advised to apply potential updates or mitigations to protect against exploitation.",Tenda,I22 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0