Tenda Ac18 Firmware vulnerabilities

CVE-2023-24165 [CRITICAL] CWE-787 CVE-2023-24165: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo.

CVE-2023-24169 [CRITICAL] CWE-787 CVE-2023-24169: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_0007343c. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_0007343c.

CVE-2023-24170 [CRITICAL] CWE-787 CVE-2023-24170: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/fromSetWirelessRepeat. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/fromSetWirelessRepeat.

CVE-2023-24164 [CRITICAL] CWE-787 CVE-2023-24164: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318.

CVE-2023-24167 [CRITICAL] CWE-787 CVE-2023-24167: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/add_white_node. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/add_white_node.

CVE-2022-44171 [CRITICAL] CWE-120 CVE-2022-44171: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.

CVE-2022-44178 [CRITICAL] CWE-120 CVE-2022-44178: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB.

CVE-2022-44180 [CRITICAL] CWE-120 CVE-2022-44180: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.

CVE-2022-44176 [CRITICAL] CWE-120 CVE-2022-44176: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.

CVE-2022-44177 [CRITICAL] CWE-120 CVE-2022-44177: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.

CVE-2022-44172 [CRITICAL] CWE-120 CVE-2022-44172: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.

CVE-2022-44183 [CRITICAL] CWE-120 CVE-2022-44183: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.

CVE-2022-44174 [CRITICAL] CWE-120 CVE-2022-44174: Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName. Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.

CVE-2022-44175 [CRITICAL] CWE-120 CVE-2022-44175: Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg. Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.

CVE-2022-43260 [CRITICAL] CWE-787 CVE-2022-43260: Tenda AC18 V15.03.05.19(6318) was discovered to contain a stack overflow via the time parameter in t Tenda AC18 V15.03.05.19(6318) was discovered to contain a stack overflow via the time parameter in the fromSetSysTime function.

CVE-2022-40854 [CRITICAL] CWE-787 CVE-2022-40854: Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set

CVE-2022-40861 [HIGH] CWE-787 CVE-2022-40861: Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_00 Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/

CVE-2022-38310 [CRITICAL] CWE-787 CVE-2022-38310: Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the l Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg.

CVE-2022-38311 [CRITICAL] CWE-787 CVE-2022-38311: Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the t Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet.

CVE-2022-38313 [CRITICAL] CWE-787 CVE-2022-38313: Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the t Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/saveParentControlInfo.