Tendacn G1 Firmware vulnerabilities
23 known vulnerabilities affecting tendacn/g1_firmware.
Total CVEs
23
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL10HIGH13
Vulnerabilities
Page 2 of 2
CVE-2021-45989HIGHCVSS 7.5v15.11.0.17\(9502\)_cn2022-02-04
CVE-2021-45989 [HIGH] CWE-787 CVE-2021-45989: Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the func
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters.
nvd
CVE-2021-27692CRITICALCVSS 9.8v15.11.0.16\(9024\)_cnv15.11.0.17\(9502\)_cn2021-04-16
CVE-2021-27692 [CRITICAL] CWE-78 CVE-2021-27692: Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.
nvd
CVE-2021-27691CRITICALCVSS 9.8v15.11.0.16\(9024\)_cnv15.11.0.17\(9502\)_cn2021-04-16
CVE-2021-27691 [CRITICAL] CWE-78 CVE-2021-27691: Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" functi
nvd
← Previous2 / 2