Tenda I9 Firmware vulnerabilities

CVE-2024-11650 [HIGH] CWE-404 CVE-2024-11650: A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects t A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2024-0996 [HIGH] CWE-121 CVE-2024-0996: A vulnerability classified as critical has been found in Tenda i9 1.0.0.9(4122). This affects the fu A vulnerability classified as critical has been found in Tenda i9 1.0.0.9(4122). This affects the function formSetCfm of the file /goform/setcfm of the component httpd. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be u

CVE-2022-40100 [CRITICAL] CWE-77 CVE-2022-40100: Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeC Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeCommand function.

CVE-2022-40104 [HIGH] CWE-787 CVE-2022-40104: Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

CVE-2022-40106 [HIGH] CWE-787 CVE-2022-40106: Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the set_local_time function. Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the set_local_time function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

CVE-2022-40102 [HIGH] CWE-787 CVE-2022-40102: Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

CVE-2022-40101 [HIGH] CWE-787 CVE-2022-40101: Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterSet fun Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

CVE-2022-40107 [HIGH] CWE-787 CVE-2022-40107: Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

CVE-2022-40105 [HIGH] CWE-787 CVE-2022-40105: Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet fun Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

CVE-2022-40103 [MEDIUM] CWE-787 CVE-2022-40103: Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.