cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-10283,https://securityvulnerability.io/vulnerability/CVE-2024-10283,Stack-Based Buffer Overflow in Tenda RX9 and RX9 Pro Products,"A stack-based buffer overflow vulnerability has been identified in the function sub_4337EC located in the SetNetControlList interface of Tenda RX9 and RX9 Pro routers, specifically in firmware version 22.03.02.20. This vulnerability can be exploited remotely, allowing an attacker to manipulate input arguments to facilitate unauthorized access or further exploitation. The exploit has been made public, raising concerns for users of these devices. It is critical for users to apply security patches or mitigate risks to protect their networks from potential attacks.",Tenda,Rx9 Pro Firmware,8.8,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2024-10-23T15:15:00.000Z,0
CVE-2024-10282,https://securityvulnerability.io/vulnerability/CVE-2024-10282,Stack-based Buffer Overflow Vulnerability in Tenda RX9 and RX9 Pro,"A vulnerability in Tenda RX9 and RX9 Pro router firmware versions 22.03.02.10 and 22.03.02.20 allows for a stack-based buffer overflow via the function sub_42EA38 in /goform/SetVirtualServerCfg. This vulnerability can be exploited remotely, leading to potential unauthorized access and execution of arbitrary code. The implications of this flaw are significant as it poses risks for sensitive data exposure and can destabilize network integrity. Public disclosure of the exploit has heightened concerns, emphasizing the need for immediate action to safeguard affected devices.",Tenda,Rx9 Pro Firmware,8.8,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2024-10-23T15:15:00.000Z,0
CVE-2024-10281,https://securityvulnerability.io/vulnerability/CVE-2024-10281,Stack-based Buffer Overflow Vulnerability in Tenda RX9 and RX9 Pro Products,"A stack-based buffer overflow vulnerability affects the Tenda RX9 and RX9 Pro devices, specifically within the SetStaticRouteCfg function located in the /goform/ directory. The flaw allows for remote manipulation of the argument list, leading to potential exploitation of the device. Attackers could exploit this vulnerability to execute arbitrary code, resulting in compromised device security. The public disclosure of the exploit raises concerns over the safety of devices running vulnerable firmware versions, specifically 22.03.02.10 and 22.03.02.20. It is crucial for users of Tenda RX9 and RX9 Pro to assess their firmware and implement necessary security patches to mitigate risks.",Tenda,Rx9 Pro Firmware,8.8,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2024-10-23T14:15:00.000Z,0
CVE-2023-43885,https://securityvulnerability.io/vulnerability/CVE-2023-43885,Arbitrary Device Locking in Tenda RX9 Pro Firmware,"The Tenda RX9 Pro Firmware V22.03.02.20 contains a vulnerability in its HTTP server component that lacks adequate error handling mechanisms. This deficiency allows authenticated attackers to exploit the system and arbitrarily lock the device, thus disrupting its functionality and access for legitimate users. This issue underscores the importance of robust error management protocols in firmware development to protect against unauthorized control over network devices.",Tenda,Rx9 Pro Firmware,8.1,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2023-11-07T00:00:00.000Z,0
CVE-2023-43886,https://securityvulnerability.io/vulnerability/CVE-2023-43886,Buffer Overflow Vulnerability in Tenda RX9 Pro HTTP Server Component,"A buffer overflow vulnerability has been identified in the HTTP server component of Tenda RX9 Pro, version 22.03.02.20. This flaw could potentially allow an authenticated attacker to exploit the vulnerability and overwrite critical memory, leading to undefined behavior in the affected system.",Tenda,Rx9 Pro Firmware,7.1,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2023-11-07T00:00:00.000Z,0
CVE-2022-38829,https://securityvulnerability.io/vulnerability/CVE-2022-38829,Buffer Overflow Vulnerability in Tenda RX9_Pro Router,"The Tenda RX9_Pro router, specifically version V22.03.02.10, is affected by a Buffer Overflow vulnerability stemming from improper validation in the setMacFilterCfg function. This flaw could allow an attacker to execute arbitrary code or disrupt the normal operation of the device, posing significant risks to the network integrity and data security.",Tenda,Rx9 Pro Firmware,9.8,CRITICAL,0.0020099999383091927,false,,false,false,false,,,false,false,,2022-09-16T14:37:40.000Z,0
CVE-2022-38830,https://securityvulnerability.io/vulnerability/CVE-2022-38830,Buffer Overflow Vulnerability in Tenda RX9_Pro Router,"The Tenda RX9_Pro router version V22.03.02.10 is susceptible to a buffer overflow vulnerability through the httpd interface during the setIPv6Status process. This allows attackers to potentially execute arbitrary code or lead to unexpected behavior in the system, compromising the security of the device and the network it manages.",Tenda,Rx9 Pro Firmware,9.8,CRITICAL,0.0020099999383091927,false,,false,false,false,,,false,false,,2022-09-16T14:36:48.000Z,0
CVE-2022-38831,https://securityvulnerability.io/vulnerability/CVE-2022-38831,Buffer Overflow in Tenda RX9_Pro by Tenda,"The Tenda RX9_Pro router version V22.03.02.10 is susceptible to a buffer overflow vulnerability through the httpd/SetNetControlList endpoint. This flaw can allow unauthorized access, potentially leading to arbitrary code execution or a denial of service. Inadequate validation of user input within the SetNetControlList function may expose the system to manipulation, emphasizing the need for immediate updates and rigorous security practices.",Tenda,Rx9 Pro Firmware,9.8,CRITICAL,0.0020099999383091927,false,,false,false,false,,,false,false,,2022-09-16T14:35:43.000Z,0