Tenda Ax1803 Firmware vulnerabilities

60 known vulnerabilities affecting tenda/ax1803_firmware.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL31HIGH27MEDIUM2

Vulnerabilities

Page 2 of 3

CVE-2023-51956CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51956 [CRITICAL] CWE-787 CVE-2023-51956: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function for Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv

nvd

CVE-2023-51970CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51970 [CRITICAL] CWE-787 CVE-2023-51970: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function form Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.

nvd

CVE-2023-51960CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51960 [CRITICAL] CWE-787 CVE-2023-51960: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function for Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.

nvd

CVE-2023-51959CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51959 [CRITICAL] CWE-787 CVE-2023-51959: Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function f Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.

nvd

CVE-2023-51964CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51964 [CRITICAL] CWE-787 CVE-2023-51964: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setI Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.

nvd

CVE-2023-51952CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51952 [CRITICAL] CWE-787 CVE-2023-51952: Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function f Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.

nvd

CVE-2023-51961CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51961 [CRITICAL] CWE-787 CVE-2023-51961: Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the functi Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.

nvd

CVE-2023-51972CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51972 [CRITICAL] CWE-77 CVE-2023-51972: Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function f Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the function fromAdvSetLanIp.

nvd

CVE-2023-51963CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51963 [CRITICAL] CWE-787 CVE-2023-51963: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function set Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.

nvd

CVE-2023-51954CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51954 [CRITICAL] CWE-787 CVE-2023-51954: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function form Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.

nvd

CVE-2023-51971CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51971 [CRITICAL] CWE-787 CVE-2023-51971: Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function g Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function getIptvInfo.

nvd

CVE-2023-51962CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51962 [CRITICAL] CWE-787 CVE-2023-51962: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setI Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.

nvd

CVE-2023-51958CRITICALCVSS 9.8v1.0.0.12024-01-10

CVE-2023-51958 [CRITICAL] CWE-787 CVE-2023-51958: Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function form Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.

nvd

CVE-2023-49040CRITICALCVSS 9.8v1.0.0.12023-11-27

CVE-2023-49040 [CRITICAL] CWE-77 CVE-2023-49040: An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPw An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the adslPwd parameter in the form_fast_setting_internet_set function.

nvd

CVE-2023-49042CRITICALCVSS 9.8v1.0.0.12023-11-27

CVE-2023-49042 [CRITICAL] CWE-787 CVE-2023-49042: Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary Heap Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the schedStartTime parameter or the schedEndTime parameter in the function setSchedWifi.

nvd

CVE-2023-49044CRITICALCVSS 9.8v1.0.0.12023-11-27

CVE-2023-49044 [CRITICAL] CWE-787 CVE-2023-49044: Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the ssid parameter in the function form_fast_setting_wifi_set.

nvd

CVE-2023-49043CRITICALCVSS 9.8v1.0.0.12023-11-27

CVE-2023-49043 [CRITICAL] CWE-787 CVE-2023-49043: Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrar Buffer Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the wpapsk_crypto parameter in the function fromSetWirelessRepeat.

nvd

CVE-2023-49046CRITICALCVSS 9.8v1.0.0.12023-11-27

CVE-2023-49046 [CRITICAL] CWE-787 CVE-2023-49046: Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary Stack Overflow vulnerability in Tenda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the devName parameter in the function formAddMacfilterRule.

nvd

CVE-2023-49047HIGHCVSS 7.5v1.0.0.12023-11-27

CVE-2023-49047 [HIGH] CWE-787 CVE-2023-49047: Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDev Tenda AX1803 v1.0.0.1 contains a stack overflow via the devName parameter in the function formSetDeviceName.

nvd

CVE-2023-48109HIGHCVSS 7.5v1.0.0.12023-11-20

CVE-2023-48109 [HIGH] CWE-787 CVE-2023-48109: Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the fu Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack

nvd

← Previous2 / 3Next →