cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-50002,https://securityvulnerability.io/vulnerability/CVE-2023-50002,Stack Overflow Vulnerability in Tenda W30E Router,"A significant stack overflow vulnerability was found in the Tenda W30E router, specifically in the function responsible for rebooting mesh nodes. This flaw could be exploited by attackers to execute arbitrary code or cause unintended behavior, compromising the router’s integrity and potentially exposing the network to further risks.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49402,https://securityvulnerability.io/vulnerability/CVE-2023-49402,Stack Overflow Vulnerability in Tenda W30E Router by Tenda Technologies,"The Tenda W30E router has been identified to have a stack overflow vulnerability within the localMsg function, potentially allowing attackers to exploit this flaw. If successfully exploited, this vulnerability could lead to unauthorized access and control over the affected device, compromising network integrity and user data. Proper security measures and updates are recommended to mitigate this risk.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49403,https://securityvulnerability.io/vulnerability/CVE-2023-49403,Command Injection Vulnerability in Tenda W30E Router,"The Tenda W30E router, specifically version 16.01.0.12(4843), has been identified with a command injection vulnerability within the setFixTools function. This vulnerability allows malicious users to inject arbitrary commands, potentially leading to unauthorized access and manipulation of the router’s functionality. Exploiting this flaw could enable attackers to compromise network security, affecting all devices connected to the network. Users of Tenda W30E should prioritize applying security patches to mitigate risks associated with this vulnerability.",Tenda,W30e Firmware,9.8,CRITICAL,0.014220000244677067,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49404,https://securityvulnerability.io/vulnerability/CVE-2023-49404,Stack Overflow Vulnerability in Tenda W30E Router,"The Tenda W30E router version V16.01.0.12(4843) is susceptible to a stack overflow vulnerability discovered in the function formAdvancedSetListSet. This vulnerability can potentially allow an attacker to execute arbitrary code or cause the router to crash, leading to a denial of service. Users of this affected product should consider updating their firmware or implementing additional security measures to mitigate the risks associated with this vulnerability.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49405,https://securityvulnerability.io/vulnerability/CVE-2023-49405,Stack Overflow Vulnerability in Tenda W30E by Tenda,"The Tenda W30E device has a vulnerability that allows a stack overflow through the UploadCfg function, potentially leading to unauthorized access or remote code execution. Users are advised to update their devices to rectify this issue and enhance their security posture.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49406,https://securityvulnerability.io/vulnerability/CVE-2023-49406,Command Execution Vulnerability in Tenda W30E Router,"The Tenda W30E V16.01.0.12(4843) router is susceptible to a command execution vulnerability that arises from the improper handling of user input in the /goform/telnet function. An attacker can exploit this flaw to execute arbitrary commands on the device, potentially compromising network integrity and allowing unauthorized access to sensitive configurations. It is crucial for users of this router to assess their security posture and apply necessary patches or mitigations to safeguard against potential exploits.",Tenda,W30e Firmware,9.8,CRITICAL,0.0036700000055134296,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49410,https://securityvulnerability.io/vulnerability/CVE-2023-49410,Stack Overflow Vulnerability in Tenda W30E by Tenda,"The Tenda W30E, specifically version 16.01.0.12, has been identified with a stack overflow vulnerability originating from the 'set_wan_status' function. This flaw can be exploited to disrupt the normal functioning of the device, potentially allowing an attacker to execute arbitrary code or crash the system. Organizations utilizing this router model should take immediate action to assess their security posture and apply available patches to mitigate any potential risks associated with this vulnerability.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49411,https://securityvulnerability.io/vulnerability/CVE-2023-49411,Stack Overflow Vulnerability in Tenda W30E Router,"The Tenda W30E router (version V16.01.0.12(4843)) is susceptible to a stack overflow vulnerability triggered by the function formDeleteMeshNode. This flaw could enable attackers to exploit the device, potentially compromising the security and functionality of the network. Users should take immediate measures to secure their devices and apply any available updates.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-49999,https://securityvulnerability.io/vulnerability/CVE-2023-49999,Command Injection Vulnerability in Tenda W30E Router,"A command injection vulnerability has been identified in the Tenda W30E router, specifically in the 'setUmountUSBPartition' function. This flaw allows attackers to execute arbitrary commands on the device, potentially compromising the integrity and confidentiality of the system. The identified version V16.01.0.12(4843) is particularly affected, highlighting the need for immediate attention to secure network infrastructure.",Tenda,W30e Firmware,9.8,CRITICAL,0.014220000244677067,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-50000,https://securityvulnerability.io/vulnerability/CVE-2023-50000,Stack Overflow Vulnerability in Tenda W30E Router,"A stack overflow vulnerability has been identified in the Tenda W30E router, specifically in the function formResetMeshNode. This flaw could potentially allow an attacker to execute arbitrary code or disrupt the normal operation of the router, posing a significant risk to network security. Users of the affected version should take immediate steps to secure their devices.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-50001,https://securityvulnerability.io/vulnerability/CVE-2023-50001,Stack Overflow Vulnerability in Tenda W30E Router by Tenda,"The Tenda W30E router has been identified with a stack overflow vulnerability within the formUpgradeMeshOnline function. This flaw could potentially be exploited by attackers to disrupt the normal operation of the device, potentially granting unauthorized access or control over the router's functionalities. Users should ensure that their firmware is updated to mitigate any security risks associated with this vulnerability.",Tenda,W30e Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-12-07T00:00:00.000Z,0
CVE-2023-25231,https://securityvulnerability.io/vulnerability/CVE-2023-25231,Buffer Overflow Vulnerability in Tenda Router Products,"The Tenda Router W30E, specifically version V1.0.1.25(633), has a vulnerability characterized by a buffer overflow in the 'fromRouteStatic' function. This issue arises when improper handling of parameters 'entrys' and 'mitInterface' allows attackers to exploit the router's functionality, potentially leading to unauthorized access or disruption of service. It is crucial for users of affected Tenda devices to apply necessary patches and ensure their networks remain secure against potential exploitation.",Tenda,W30e Firmware,9.8,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2023-02-27T00:00:00.000Z,0
CVE-2022-45513,https://securityvulnerability.io/vulnerability/CVE-2022-45513,Stack Overflow in Tenda W30E Router Vulnerability,"The Tenda W30E router, specifically version 1.0.1.25, is susceptible to a stack overflow vulnerability through the page parameter at /goform/P2pListFilter. This flaw could potentially allow attackers to execute arbitrary code, impacting the functionality and security of the device. Users are advised to assess their security posture, patch the device if necessary, and monitor for unusual activity.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45514,https://securityvulnerability.io/vulnerability/CVE-2022-45514,Stack Overflow Vulnerability in Tenda W30E Router,"The Tenda W30E Router, specifically version 1.0.1.25, is susceptible to a stack overflow vulnerability found in the web management interface. This vulnerability occurs through the 'page' parameter in the '/goform/webExcptypemanFilter' endpoint, potentially allowing attackers to execute arbitrary code, compromising the device's functionality and security. The impact of this vulnerability emphasizes the need for robust security measures in IoT devices to protect against unauthorized access and exploitation.",Tenda,W30e Firmware,7.5,HIGH,0.0011099999537691474,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45515,https://securityvulnerability.io/vulnerability/CVE-2022-45515,Stack Overflow Vulnerability in Tenda W30E by Tenda,"The Tenda W30E device version V1.0.1.25(633) exhibits a stack overflow vulnerability through the 'entries' parameter within the '/goform/addressNat' endpoint, potentially allowing attackers to exploit the system. This flaw could lead to unauthorized access and manipulation of device functions, underscoring the importance of securing Internet of Things (IoT) devices against such vulnerabilities.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45510,https://securityvulnerability.io/vulnerability/CVE-2022-45510,Stack Overflow Vulnerability in Tenda W30E Router,"A stack overflow vulnerability has been identified in the Tenda W30E router, which can be triggered through the `mit_ssid_index` parameter at the endpoint `/goform/AdvSetWrlsafeset`. This issue can potentially allow attackers to execute arbitrary code, compromising the security and functionality of the device.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45517,https://securityvulnerability.io/vulnerability/CVE-2022-45517,Stack Overflow Vulnerability in Tenda W30E Router,"A stack overflow vulnerability has been identified in the Tenda W30E router, specifically due to improper handling of the 'page' parameter within the /goform/VirtualSer endpoint. This vulnerability could potentially allow attackers to execute arbitrary code or perform denial-of-service attacks, compromising the integrity and availability of the router's services. It is crucial for users and system administrators to apply security best practices and updates to mitigate risks associated with this vulnerability.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45518,https://securityvulnerability.io/vulnerability/CVE-2022-45518,Stack Overflow Vulnerability in Tenda W30E Router,"The Tenda W30E router, specifically version V1.0.1.25(633), is susceptible to a stack overflow vulnerability that can be exploited through the 'page' parameter in the '/goform/SetIpBind' endpoint. By sending a crafted request, an attacker may execute arbitrary code, potentially compromising the device's functionality and security. Users are advised to review this vulnerability closely and implement necessary security measures to protect their devices.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45523,https://securityvulnerability.io/vulnerability/CVE-2022-45523,Stack Overflow Vulnerability in Tenda W30E Router,"A stack overflow vulnerability has been identified in the Tenda W30E router, specifically through the page parameter at the /goform/L7Im endpoint. This flaw can potentially be exploited by unauthorized users, leading to abnormal behavior of the device or execution of arbitrary code. It is crucial for users to apply available patches and monitor their network for any unusual activities to mitigate potential risks.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45524,https://securityvulnerability.io/vulnerability/CVE-2022-45524,Stack Overflow Vulnerability in Tenda W30E Router,"The Tenda W30E router version V1.0.1.25(633) is affected by a stack overflow vulnerability in the handling of the 'opttype' parameter via the /goform/IPSECsave endpoint. This vulnerability could be exploited by an attacker to gain unauthorized access to the router's functionalities, potentially allowing for remote code execution or denial of service. Users are advised to review their device configurations and implement necessary mitigations to prevent exploitation.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45525,https://securityvulnerability.io/vulnerability/CVE-2022-45525,Stack Overflow Vulnerability in Tenda W30E Router,"The Tenda W30E router is susceptible to a stack overflow vulnerability due to improper handling of the downaction parameter within the /goform/CertListInfo endpoint. This flaw can potentially allow an attacker to derail normal execution flow, leading to denial of service or remote code execution under certain conditions. It underscores the importance of stringent input validation in networking devices to mitigate potential threats.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45516,https://securityvulnerability.io/vulnerability/CVE-2022-45516,Stack Overflow in Tenda W30E Router,"A stack overflow vulnerability has been identified in the Tenda W30E router, specifically in the '/goform/NatStaticSetting' page parameter. This flaw can be exploited by an attacker to potentially execute arbitrary code, compromising system integrity and user privacy. Users are advised to apply any available patches and ensure their devices are configured securely to mitigate risks associated with this vulnerability.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45511,https://securityvulnerability.io/vulnerability/CVE-2022-45511,Stack Overflow Vulnerability in Tenda W30E Device,"A stack overflow vulnerability has been identified in the Tenda W30E device, specifically affecting version V1.0.1.25(633). The flaw can be triggered through the PPPOEPassword parameter in the QuickIndex interface, potentially allowing malicious actors to execute arbitrary code or disrupt service. Organizations using this device should urgently assess their exposure and implement necessary security measures.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,true,2022-12-21T14:06:20.000Z,true,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45519,https://securityvulnerability.io/vulnerability/CVE-2022-45519,Stack Overflow Vulnerability in Tenda W30E Router Product,"The Tenda W30E router version V1.0.1.25(633) poses a significant security risk due to a stack overflow vulnerability. This flaw occurs in the '/goform/SafeMacFilter' endpoint, specifically triggered by the 'Go' parameter. Exploitation of this vulnerability could allow attackers to execute arbitrary code, potentially compromising the device's functionality and network integrity. Users of the Tenda W30E should be aware of this issue and ensure proper updates and mitigations are in place to protect their networks.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0
CVE-2022-45520,https://securityvulnerability.io/vulnerability/CVE-2022-45520,Stack Overflow Vulnerability in Tenda W30E Router,"The Tenda W30E Router has been identified to have a stack overflow vulnerability caused by improper handling of the page parameter at /goform/qossetting. This flaw can potentially allow unauthorized access or execution of malicious code on the device, posing risks to network integrity and security. It is essential for users to check their device versions and apply necessary patches to mitigate this risk.",Tenda,W30e Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-12-08T00:00:00.000Z,0