cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-26805,https://securityvulnerability.io/vulnerability/CVE-2023-26805,Buffer Overflow Vulnerability in Tenda W20E Router,"The Tenda W20E router version 15.11.0.6 is susceptible to a buffer overflow vulnerability within the formIPMacBindModify function. This weakness may allow an attacker to execute arbitrary code, potentially compromising the device's integrity and granting unauthorized access to the network. Users are advised to assess their exposure and apply necessary security measures to mitigate the risks associated with this vulnerability.",Tenda,W20e Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2023-03-19T01:15:00.000Z,0
CVE-2023-26806,https://securityvulnerability.io/vulnerability/CVE-2023-26806,Buffer Overflow Vulnerability in Tenda W20E Router,"The Tenda W20E router is susceptible to a buffer overflow vulnerability through the formSetSysTime function, which could allow attackers to manipulate critical system operations. This issue may lead to unauthorized access and compromise the integrity of the device, granting malicious actors the potential to execute arbitrary code and disrupt normal functionality. Users of the affected versions are highly encouraged to implement immediate security measures to safeguard their network.",Tenda,W20e Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2023-03-19T01:15:00.000Z,0
CVE-2022-48130,https://securityvulnerability.io/vulnerability/CVE-2022-48130,Stack Overflow Vulnerability in Tenda W20E Router,"The Tenda W20E router, specifically version 15.11.0.6, is subjected to vulnerabilities that allow multiple stack overflow conditions. These vulnerabilities arise from improper handling of user input in the formSetStaticRoute function. Malicious actors can exploit parameters such as staticRouteNet, staticRouteMask, staticRouteGateway, and staticRouteWAN, potentially leading to unauthorized code execution or system crashes. Users of the Tenda W20E should ensure they are aware of these security risks and apply any necessary updates to mitigate possible threats.",Tenda,W20e Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2023-02-02T00:00:00.000Z,0
CVE-2022-45996,https://securityvulnerability.io/vulnerability/CVE-2022-45996,Command Injection Flaw in Tenda W20E Router,"The Tenda W20E router is susceptible to a command injection vulnerability that allows an attacker to exploit the cmd_get_ping_output function. This flaw can potentially enable unauthorized access and the execution of arbitrary commands on the affected device, posing significant security risks. Users of the Tenda W20E version V16.01.0.6(3392) are advised to take immediate action to mitigate this vulnerability, such as updating firmware or applying specific security enhancements.",Tenda,W20e Firmware,7.2,HIGH,0.004519999958574772,false,,false,false,false,,,false,false,,2022-12-12T00:00:00.000Z,0
CVE-2022-45997,https://securityvulnerability.io/vulnerability/CVE-2022-45997,Buffer Overflow Vulnerability in Tenda W20E Router,"The Tenda W20E router, specifically version V16.01.0.6(3392), is susceptible to a buffer overflow vulnerability. This issue arises when the device fails to properly validate input data, allowing an attacker to overwrite memory, potentially leading to arbitrary code execution or system crashes. Users are advised to apply security patches and follow best practices to mitigate the risks associated with this vulnerability.",Tenda,W20e Firmware,7.2,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2022-12-12T00:00:00.000Z,0
CVE-2022-40855,https://securityvulnerability.io/vulnerability/CVE-2022-40855,Stack Overflow Vulnerability in Tenda W20E Router,"The Tenda W20E router, specifically version V15.11.0.6, is susceptible to a stack overflow vulnerability in the 'formSetPortMapping' function. Exploitation of this flaw can enable attackers to cause a Denial of Service (DoS) or execute arbitrary code remotely through manipulated parameters including portMappingServer, portMappingProtocol, portMappingWan, portMappingInternal, and portMappingExternal. This vulnerability underscores the importance of securing network devices against such critical flaws.",Tenda,W20e Firmware,9.8,CRITICAL,0.00788000039756298,false,,false,false,false,,,false,false,,2022-09-23T14:29:36.000Z,0
CVE-2022-40866,https://securityvulnerability.io/vulnerability/CVE-2022-40866,Stack Overflow Vulnerability in Tenda W20E Router Firmware,"The Tenda W20E router firmware version 15.11.0.6 contains a stack overflow vulnerability in the function formSetDebugCfg, specifically triggered by the /goform/setDebugCfg/ request. This flaw could allow an attacker to potentially execute arbitrary code or cause the device to crash, impacting the overall security of the network. Users are advised to review their router's configuration and apply any security-related updates to mitigate associated risks.",Tenda,W20e Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-09-23T14:26:40.000Z,0
CVE-2022-40867,https://securityvulnerability.io/vulnerability/CVE-2022-40867,Stack Overflow Vulnerability in Tenda W20E Router,"The Tenda W20E router version 15.11.0.6 is susceptible to a stack overflow vulnerability in the function formIPMacBindDel. This issue arises when handling requests to the endpoint /goform/delIpMacBind/, allowing an attacker to potentially execute arbitrary code. The flaw can be exploited, leading to a breach in the security of the network. Users are advised to apply security patches and review their router settings to mitigate the risks associated with this vulnerability.",Tenda,W20e Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-09-23T14:25:04.000Z,0
CVE-2022-40868,https://securityvulnerability.io/vulnerability/CVE-2022-40868,Stack Overflow Vulnerability in Tenda W20E Router,"A vulnerability has been identified in the Tenda W20E router's firmware version V15.11.0.6. The issue arises from a stack overflow in the function formDelDhcpRule, specifically when handling requests to /goform/delDhcpRules/. This flaw could be exploited by attackers to execute arbitrary code or disrupt the normal operation of the router, posing a risk to network integrity and security. Users of the affected Tenda product should take necessary precautions and consider updating their firmware to protect against potential exploitation.",Tenda,W20e Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2022-09-23T14:22:47.000Z,0