Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ac10_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 65 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-08-07 | CVE-2023-38936 | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | Ac10_firmware, Ac1206_firmware, Ac5_firmware, Ac6_firmware, Ac7_firmware, Ac9_firmware, F1203_firmware, Fh1203_firmware, Fh1205_firmware | 9.8 | ||
| 2023-08-07 | CVE-2023-38937 | Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. | Ac10_firmware, Ac1206_firmware, Ac5_firmware, Ac6_firmware, Ac7_firmware, Ac8_firmware, Ac9_firmware | 9.8 | ||
| 2023-09-18 | CVE-2023-42320 | Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function. | Ac10_firmware | 9.8 | ||
| 2023-11-29 | CVE-2023-45479 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098. | Ac10_firmware | 9.8 | ||
| 2023-11-29 | CVE-2023-45480 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878. | Ac10_firmware | 9.8 | ||
| 2023-11-29 | CVE-2023-45482 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. | Ac10_firmware | 9.8 | ||
| 2023-11-29 | CVE-2023-45481 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg. | Ac10_firmware | 9.8 | ||
| 2023-11-29 | CVE-2023-45483 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. | Ac10_firmware | 9.8 | ||
| 2023-11-29 | CVE-2023-45484 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic. | Ac10_firmware | 9.8 | ||
| 2024-03-24 | CVE-2024-2856 | A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257780. NOTE: The vendor was contacted early about this disclosure but did not... | Ac10_firmware | 9.8 |