Tenda Tx9 Pro Firmware vulnerabilities

CVE-2024-4114 [HIGH] CWE-121 CVE-2024-4114: A vulnerability, which was classified as critical, has been found in Tenda TX9 22.03.02.10. This iss A vulnerability, which was classified as critical, has been found in Tenda TX9 22.03.02.10. This issue affects the function sub_42C014 of the file /goform/PowerSaveSet. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identi

CVE-2024-4111 [HIGH] CWE-121 CVE-2024-4111: A vulnerability was found in Tenda TX9 22.03.02.10. It has been rated as critical. Affected by this A vulnerability was found in Tenda TX9 22.03.02.10. It has been rated as critical. Affected by this issue is the function sub_42BD7C of the file /goform/SetLEDCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261854 is the

CVE-2024-4112 [HIGH] CWE-121 CVE-2024-4112: A vulnerability classified as critical has been found in Tenda TX9 22.03.02.10. This affects the fun A vulnerability classified as critical has been found in Tenda TX9 22.03.02.10. This affects the function sub_42CB94 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associa

CVE-2024-4113 [HIGH] CWE-121 CVE-2024-4113: A vulnerability classified as critical was found in Tenda TX9 22.03.02.10. This vulnerability affect A vulnerability classified as critical was found in Tenda TX9 22.03.02.10. This vulnerability affects the function sub_42D4DC of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of

CVE-2022-45337 [HIGH] CWE-787 CVE-2022-45337: Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /gof Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind.

CVE-2022-38510 [HIGH] CWE-120 CVE-2022-38510: Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNet Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList.

CVE-2022-30033 [HIGH] CWE-120 CVE-2022-30033: Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in htt Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module.

CVE-2022-29591 [CRITICAL] CWE-120 CVE-2022-29591: Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow. Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow.

CVE-2022-29592 [CRITICAL] CWE-78 CVE-2022-29592: Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_ro Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).