Tenda I21 Firmware vulnerabilities

CVE-2024-4496 [HIGH] CWE-121 CVE-2024-4496: A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been classified as critical. This affe A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been classified as critical. This affects the function formWifiMacFilterSet. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263085

CVE-2024-4494 [HIGH] CWE-121 CVE-2024-4494: A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by t A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this vulnerability is the function formSetUplinkInfo of the file /goform/setUplinkInfo. The manipulation of the argument pingHostIp2 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and

CVE-2024-4491 [HIGH] CWE-121 CVE-2024-4491: A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability aff A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability affects the function formGetDiagnoseInfo. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability

CVE-2024-4493 [HIGH] CWE-121 CVE-2024-4493: A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). Affected i A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). Affected is the function formSetAutoPing. The manipulation of the argument ping1/ping2 leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263082 is the identifier ass

CVE-2024-4492 [HIGH] CWE-121 CVE-2024-4492: A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). This A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). This issue affects the function formOfflineSet of the file /goform/setStaOffline. The manipulation of the argument GO/ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be u

CVE-2024-4495 [HIGH] CWE-121 CVE-2024-4495: A vulnerability was found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this i A vulnerability was found in Tenda i21 1.0.0.14(4656) and classified as critical. Affected by this issue is the function formWifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability

CVE-2024-4497 [HIGH] CWE-121 CVE-2024-4497: A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been declared as critical. This vulner A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been declared as critical. This vulnerability affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-263086 is the identifier a

CVE-2024-4248 [HIGH] CWE-121 CVE-2024-4248: A vulnerability was found in Tenda i21 1.0.0.14(4656) and classified as critical. This issue affects A vulnerability was found in Tenda i21 1.0.0.14(4656) and classified as critical. This issue affects the function formQosManage_user. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-262139. NOTE: The vendor was contacted early ab

CVE-2024-4247 [HIGH] CWE-121 CVE-2024-4247: A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. This vulnerab A vulnerability has been found in Tenda i21 1.0.0.14(4656) and classified as critical. This vulnerability affects the function formQosManage_auto. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be initiated remotely. VDB-262138 is the identifier assigned to this vulnerability. NOTE: The vendor was contact

CVE-2024-4245 [HIGH] CWE-121 CVE-2024-4245: A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). Affec A vulnerability, which was classified as critical, has been found in Tenda i21 1.0.0.14(4656). Affected by this issue is the function formQosManageDouble_user. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be launched remotely. The identifier of this vulnerability is VDB-262136. NOTE: The vendor was cont

CVE-2024-4249 [HIGH] CWE-121 CVE-2024-4249: A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been classified as critical. Affected A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been classified as critical. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The

CVE-2024-4250 [HIGH] CWE-121 CVE-2024-4250: A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been declared as critical. Affected by A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been declared as critical. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may

CVE-2024-4246 [HIGH] CWE-121 CVE-2024-4246: A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). This affec A vulnerability, which was classified as critical, was found in Tenda i21 1.0.0.14(4656). This affects the function formQosManageDouble_auto. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The identifier VDB-262137 was assigned to this vulnerability. NOTE: The vendor was c

CVE-2024-4251 [HIGH] CWE-121 CVE-2024-4251: A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been rated as critical. Affected by th A vulnerability was found in Tenda i21 1.0.0.14(4656). It has been rated as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSe. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer overflow. The attack may be launched remotely. The ex

CVE-2022-44362 [CRITICAL] CWE-787 CVE-2022-44362: Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule. Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.

CVE-2022-44365 [CRITICAL] CWE-787 CVE-2022-44365: Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd. Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd.

CVE-2022-44366 [CRITICAL] CWE-787 CVE-2022-44366: Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo. Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.

CVE-2022-44367 [CRITICAL] CWE-787 CVE-2022-44367: Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo. Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.

CVE-2022-44363 [CRITICAL] CWE-787 CVE-2022-44363: Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo. Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.