Tenda I22 vulnerabilities

CVE-2025-9297 [HIGH] CWE-119 CVE-2025-9297: A vulnerability was detected in Tenda i22 1.0.0.3(4687). This impacts the function formWeixinAuthInf A vulnerability was detected in Tenda i22 1.0.0.3(4687). This impacts the function formWeixinAuthInfoGet of the file /goform/wxportalauth. Performing manipulation of the argument Type results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.

CVE-2024-10750 [HIGH] CWE-476 CVE-2024-10750: A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can be launched remotely. The exploit has been disclosed t

CVE-2024-7582 [HIGH] CWE-120 CVE-2024-7582: A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affe A vulnerability classified as critical was found in Tenda i22 1.0.0.3(4687). This vulnerability affects the function formApPortalAccessCodeAuth of the file /goform/apPortalAccessCodeAuth. The manipulation of the argument accessCode/data/acceInfo leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public

CVE-2024-7583 [HIGH] CWE-120 CVE-2024-7583: A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This i A vulnerability, which was classified as critical, has been found in Tenda i22 1.0.0.3(4687). This issue affects the function formApPortalOneKeyAuth of the file /goform/apPortalOneKeyAuth. The manipulation of the argument data leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NO

CVE-2024-7584 [HIGH] CWE-120 CVE-2024-7584: A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the argument data leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: Th

CVE-2024-7585 [HIGH] CWE-120 CVE-2024-7585: A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by th A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipulation of the argument webUserName/webUserPassword leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public

CVE-2024-4252 [HIGH] CWE-121 CVE-2024-4252: A vulnerability classified as critical has been found in Tenda i22 1.0.0.3(4687). This affects the f A vulnerability classified as critical has been found in Tenda i22 1.0.0.3(4687). This affects the function formSetUrlFilterRule. The manipulation of the argument groupIndex leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-262143. NOTE: The vendor was contacted e