VARIoT IoT vulnerabilities database

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg. Shenzhen Tenda Technology Co.,Ltd. of AC9 firmware and AC5 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg. Shenzhen Tenda Technology Co.,Ltd. of AC9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting. Shenzhen Tenda Technology Co.,Ltd. of AC9 firmware, AC7 firmware, AC5 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind. Shenzhen Tenda Technology Co.,Ltd. of AC9 firmware, AC7 firmware, AC5 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet. Shenzhen Tenda Technology Co.,Ltd. of AC9 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg. Shenzhen Tenda Technology Co.,Ltd. of AC9 firmware and AC5 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set. Shenzhen Tenda Technology Co.,Ltd. of AC9 firmware and AC7 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Tenda AC7 V1.0 V15.03.06.44 and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter entrys and mitInterface at url /goform/addressNat. Shenzhen Tenda Technology Co.,Ltd. of AC7 firmware and AC5 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

NETGEAR ProSAFE Network Management System ZipUtils Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ZipUtils class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-19716. (DoS) It may be in a state

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat.". The Tenda AC6 is a dual-band wireless router from Tenda. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. The Tenda AC6 suffers from a buffer overflow vulnerability caused by the fromGetWirelessRepeat function's failure to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler.". The Tenda AC6 is a dual-band wireless router from Tenda. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. The Tenda AC6 suffers from a buffer overflow vulnerability caused by the R7WebsSecurityHandler function's failure to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'. Shenzhen Tenda Technology Co.,Ltd. of AC6 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. The Tenda AC6 suffers from a buffer overflow vulnerability caused by the formWifiBasicSet function's failure to properly validate the length of input data. This vulnerability could allow an attacker to execute arbitrary code or cause a denial of service

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks. Shenzhen Tenda Technology Co.,Ltd. of AC6 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,". The Tenda AC6 is a dual-band wireless router from Tenda. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. The Tenda AC6 suffers from a buffer overflow vulnerability caused by the add_white_node function's failure to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands. The Tenda AC6 is a dual-band wireless router from Tenda. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. An attacker could exploit this vulnerability to execute arbitrary commands

NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR Orbi 760 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the SOAP API. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-20524. of netgear RBR760 Firmware has a lack of authentication vulnerability for critical functionality.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. NETGEAR Orbi 760 is a tri-band Wi-Fi Mesh system router from NETGEAR. No detailed vulnerability details are available

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858.". Shenzhen Tenda Technology Co.,Ltd. of AC6 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The Tenda AC6 is a dual-band wireless router from Tenda, supporting both the 2.4GHz and 5GHz bands, with a maximum transmission rate of 1167Mbps and dual-band integration. This vulnerability could allow an attacker to execute arbitrary code on the system or cause a denial of service

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004.". Shenzhen Tenda Technology Co.,Ltd. of AC6 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. This vulnerability could allow an attacker to execute arbitrary code on the system or cause a denial of service

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check. Shenzhen Tenda Technology Co.,Ltd. of AC6 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. It supports both 2.4GHz and 5GHz bands, boasts a maximum transmission rate of 1167Mbps, and features dual-band integration. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998. Shenzhen Tenda Technology Co.,Ltd. of AC6 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability is caused by the failure of function sub_90998 to correctly verify the length of input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack