Tendacn Ac10U Firmware vulnerabilities
23 known vulnerabilities affecting tendacn/ac10u_firmware.
Total CVEs
23
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL23
Vulnerabilities
Page 1 of 2
CVE-2024-0930P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0930 [CRITICAL] CWE-121 CVE-2024-0930: A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This a
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associate
nvd
CVE-2023-44018P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44018 [CRITICAL] CWE-119 CVE-2023-44018: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.
nvd
CVE-2024-0926P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0926 [CRITICAL] CWE-121 CVE-2024-0926: A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This is
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this
nvd
CVE-2024-0932P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0932 [CRITICAL] CWE-121 CVE-2024-0932: A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_T
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifi
nvd
CVE-2020-22079P2CRITICALCVSS 9.8v15.03.06.48_multi_tde012021-10-29
CVE-2020-22079 [CRITICAL] CWE-787 CVE-2020-22079: Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 a
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.
nvd
CVE-2024-0925P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0925 [CRITICAL] CWE-121 CVE-2024-0925: A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. Th
A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252130 is the
nvd
CVE-2024-0931P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0931 [CRITICAL] CWE-121 CVE-2024-0931: A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulner
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulnerability affects the function saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The ident
nvd
CVE-2024-0922P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0922 [CRITICAL] CWE-121 CVE-2024-0922: A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this vulnerability is the function formQuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated
nvd
CVE-2024-0923P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0923 [CRITICAL] CWE-121 CVE-2024-0923: A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_T
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The ident
nvd
CVE-2024-0928P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0928 [CRITICAL] CWE-121 CVE-2024-0928: A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical.
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The
nvd
CVE-2024-0929P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0929 [CRITICAL] CWE-121 CVE-2024-0929: A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Aff
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252134 is the
nvd
CVE-2024-0927P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012024-01-26
CVE-2024-0927 [CRITICAL] CWE-121 CVE-2024-0927: A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The
nvd
CVE-2023-44023P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44023 [CRITICAL] CWE-119 CVE-2023-44023: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
nvd
CVE-2023-44017P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44017 [CRITICAL] CWE-119 CVE-2023-44017: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
nvd
CVE-2023-44016P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44016 [CRITICAL] CWE-119 CVE-2023-44016: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
nvd
CVE-2023-44022P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44022 [CRITICAL] CWE-119 CVE-2023-44022: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
nvd
CVE-2023-44013P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44013 [CRITICAL] CWE-119 CVE-2023-44013: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.
nvd
CVE-2023-44015P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44015 [CRITICAL] CWE-119 CVE-2023-44015: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.
nvd
CVE-2021-45401P2CRITICALCVSS 9.8v15.03.06.49_multi2022-02-18
CVE-2021-45401 [CRITICAL] CWE-77 CVE-2021-45401: A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49_multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function.
nvd
CVE-2023-44019P2CRITICALCVSS 9.8v15.03.06.49_multi_tde012023-09-27
CVE-2023-44019 [CRITICAL] CWE-119 CVE-2023-44019: Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.
nvd
1 / 2Next →