VARIoT IoT vulnerabilities database

Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability in the fromDhcpListClient function. Shenzhen Tenda Technology Co.,Ltd. of ac500 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. Tenda AC500 is a wireless controller device designed for small and medium-sized enterprises, supporting cross-VLAN management of wireless networks. Tenda AC500 has a buffer overflow vulnerability, which stems from the failure of the list1 parameter of the fromDhcpListClient method to properly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service

Tenda AC500 V2.0.1.9(1307) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. Shenzhen Tenda Technology Co.,Ltd. Tenda AC500 is a wireless controller device designed for small and medium-sized enterprises, supporting cross-VLAN management of wireless networks. No detailed vulnerability details are currently available

Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. Shenzhen Tenda Technology Co.,Ltd. of A18 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda A18 is a dual-band wireless signal extender designed for duplexes, villas and large apartments over 120 square meters. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component. Shenzhen Tenda Technology Co.,Ltd. of ac500 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. Tenda AC500 is a wireless controller device designed for small and medium-sized enterprises, supporting cross-VLAN management of wireless networks

Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. Shenzhen Tenda Technology Co.,Ltd. of FH1202 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda FH1202 is a dual-band wireless router launched by Tenda, supporting 2.4GHz and 5GHz bands, with a total transmission rate of 1200Mbps. Tenda FH1202 has a buffer overflow vulnerability, which stems from the fact that the adslPwd parameter of the formWanParameterSetting method fails to correctly verify the length of the input data. Attackers can exploit this vulnerability to cause a denial of service

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. Shenzhen Tenda Technology Co.,Ltd. of fh1203 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda FH1203 is a dual-band wireless router released by China's Tenda Corporation, primarily used for home network coverage. This vulnerability stems from the adslPwd parameter in the formWanParameterSetting method failing to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service

Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. Shenzhen Tenda Technology Co.,Ltd. of FH1202 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Tenda FH1202 is a dual-band wireless router launched by Tenda, supporting 2.4GHz and 5GHz bands, with a total transmission rate of 1200Mbps. Attackers can exploit this vulnerability to cause a denial of service

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. Shenzhen Tenda Technology Co.,Ltd. of fh1203 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda FH1203 is a dual-band wireless router released by China's Tenda, primarily used for home network coverage. This vulnerability stems from the failure of the PPW parameter in the fromWizardHandle method to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromDhcpListClient function. Shenzhen Tenda Technology Co.,Ltd. of w30e A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. Shenzhen Tenda Technology Co.,Ltd. (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. The Tenda W30E suffers from a command injection vulnerability caused by the cmdinput parameter of the formexeCommand method failing to properly filter special characters and commands when constructing commands. An attacker could exploit this vulnerability to execute arbitrary commands

Tenda W30E v1.0 firmware v1.0.1.25(633) has a stack overflow vulnerability via the page parameter in the fromNatlimit function. Shenzhen Tenda Technology Co.,Ltd. of w30e A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. An attacker could exploit this vulnerability to cause a denial of service

Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function. Shenzhen Tenda Technology Co.,Ltd. of w30e A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. Detailed vulnerability details are currently unavailable

Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromwebExcptypemanFilter function. Shenzhen Tenda Technology Co.,Ltd. of w30e A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. An attacker could exploit this vulnerability to cause a denial of service

Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the qos parameter in the fromqossetting function. Shenzhen Tenda Technology Co.,Ltd. of w30e A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. An attacker could exploit this vulnerability to cause a denial of service

Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromVirtualSer function. Shenzhen Tenda Technology Co.,Ltd. of w30e An out-of-bounds read vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the password parameter in the formaddUserName function. Shenzhen Tenda Technology Co.,Ltd. of w30e A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro-enterprise offices, and small shops, supporting Wi-Fi 6 technology. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function via the cmdinput parameter. Shenzhen Tenda Technology Co.,Ltd. of fh1203 Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda FH1203 is a dual-band wireless router released by China's Tenda Group, primarily used for home network coverage. This vulnerability stems from the cmdinput parameter of the formexeCommand method failing to properly filter special characters and commands when constructing commands. An attacker could exploit this vulnerability to execute arbitrary commands

Tenda FH1202 v1.2.0.14(408) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. Shenzhen Tenda Technology Co.,Ltd. (DoS) It may be in a state. Tenda FH1202 is a dual-band wireless router launched by Tenda, supporting 2.4GHz and 5GHz bands, with a total transmission rate of 1200Mbps. No detailed vulnerability details are currently provided

Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the adslPwd parameter of the formWanParameterSetting function. Shenzhen Tenda Technology Co.,Ltd. of fh1205 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. The Tenda FH1205 is a dual-band wireless router for home users. It supports the IEEE 802.11ac standard, offers wireless speeds up to 1200 Mbps, and operates in both the 2.4 GHz and 5 GHz frequency bands. This vulnerability stems from the adslPwd parameter in the formWanParameterSetting method failing to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service