Tenda Ax1806 Firmware vulnerabilities
61 known vulnerabilities affecting tenda/ax1806_firmware.
Total CVEs
61
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL20HIGH39MEDIUM2
Vulnerabilities
Page 3 of 4
CVE-2022-32033HIGHCVSS 7.5v1.0.0.12022-07-01
CVE-2022-32033 [HIGH] CWE-787 CVE-2022-32033: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
nvd
CVE-2022-32031HIGHCVSS 7.5v1.0.0.12022-07-01
CVE-2022-32031 [HIGH] CWE-787 CVE-2022-32031: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the funct
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
nvd
CVE-2022-28972HIGHCVSS 7.5v1.0.0.12022-05-06
CVE-2022-28972 [HIGH] CWE-787 CVE-2022-28972: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the f
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS).
nvd
CVE-2022-28971HIGHCVSS 7.5v1.0.0.12022-05-06
CVE-2022-28971 [HIGH] CWE-787 CVE-2022-28971: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the funct
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS).
nvd
CVE-2022-28973HIGHCVSS 7.5v1.0.0.12022-05-06
CVE-2022-28973 [HIGH] CWE-787 CVE-2022-28973: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the fun
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS).
nvd
CVE-2022-28969HIGHCVSS 7.5v1.0.0.12022-05-06
CVE-2022-28969 [HIGH] CWE-787 CVE-2022-28969: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS).
nvd
CVE-2022-28970HIGHCVSS 7.5v1.0.0.12022-05-06
CVE-2022-28970 [HIGH] CWE-787 CVE-2022-28970: Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the functio
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS).
nvd
CVE-2022-28572HIGHCVSS 8.8v1.0.0.12022-05-02
CVE-2022-28572 [HIGH] CWE-78 CVE-2022-28572: Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status`
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function
nvd
CVE-2022-25566HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25566 [HIGH] CWE-787 CVE-2022-25566: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlIn
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter.
nvd
CVE-2022-25553HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25553 [HIGH] CWE-787 CVE-2022-25553: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS.
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsPwd parameter.
nvd
CVE-2022-25549HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25549 [HIGH] CWE-787 CVE-2022-25549: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS.
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter.
nvd
CVE-2022-25555HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25555 [HIGH] CWE-787 CVE-2022-25555: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. Thi
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ntpServer parameter.
nvd
CVE-2022-25557HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25557 [HIGH] CWE-787 CVE-2022-25557: Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInf
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter.
nvd
CVE-2022-25558HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25558 [HIGH] CWE-787 CVE-2022-25558: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. Th
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ProvinceCode parameter.
nvd
CVE-2022-25552HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25552 [HIGH] CWE-787 CVE-2022-25552: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_w
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.
nvd
CVE-2022-25550HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25550 [HIGH] CWE-787 CVE-2022-25550: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlIn
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceName parameter.
nvd
CVE-2022-25554HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25554 [HIGH] CWE-787 CVE-2022-25554: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlIn
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceId parameter.
nvd
CVE-2022-25546HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25546 [HIGH] CWE-787 CVE-2022-25546: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS.
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter.
nvd
CVE-2022-25551HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25551 [HIGH] CWE-787 CVE-2022-25551: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS.
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsDomain parameter.
nvd
CVE-2022-25548HIGHCVSS 7.5v1.0.0.12022-03-10
CVE-2022-25548 [HIGH] CWE-787 CVE-2022-25548: Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. Thi
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter.
nvd