VARIoT IoT vulnerabilities database
VAR-202403-0791 | CVE-2024-2815 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257670 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0815 | CVE-2024-2814 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Firmware vulnerabilities |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257669 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0831 | CVE-2024-2813 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257668. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0920 | CVE-2024-2812 | Shenzhen Tenda Technology Co.,Ltd. of AC15 in the firmware OS Command injection vulnerability |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: HIGH |
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257667. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0816 | CVE-2024-2811 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0865 | CVE-2024-2810 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257665 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0832 | CVE-2024-2809 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257664. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0930 | CVE-2024-2808 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257663. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0901 | CVE-2024-2807 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vulnerability affects the function formExpandDlnaFile of the file /goform/expandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257662 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0817 | CVE-2024-2806 | Shenzhen Tenda Technology Co.,Ltd. of AC15 Stack-based buffer overflow vulnerability in firmware |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: CRITICAL |
A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This affects the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceId/deviceMac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257661 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202403-0784 | CVE-2024-28029 | Delta Electronics, INC. of DIAEnergie Vulnerability in |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
Privileges are not fully verified server-side, which can be abused by a user with limited privileges to bypass authorization and access privileged functionality. Delta Electronics, INC. of DIAEnergie Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
VAR-202402-1997 | CVE-2024-25580 | Tenda AC18 formexeCommand function buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: - Severity: HIGH |
An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file. Tenda AC18 is a router made by the Chinese company Tenda.
There is a buffer overflow vulnerability in Tenda AC18 V15.03.05.05. The vulnerability is caused by the cmdinput parameter of the formexeCommand function in the /goform/execCommand file failing to correctly verify the length of the input data. A remote attacker can exploit this vulnerability to execute on the system. Arbitrary code or lead to denial of service attacks. Description<!---->A flaw was found in Qt Base. This flaw allows an malicious user to use a specially crafted KTX image file to trigger a buffer overflow in the application reading it, leading to a denial of service.A flaw was found in Qt Base
VAR-202403-0820 | CVE-2024-2707 | Tenda AC10 operating system command injection vulnerability (CNVD-2024-15743) |
CVSS V2: 6.5 CVSS V3: 6.3 Severity: MEDIUM |
A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257458 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda AC10 is a wireless router from China's Tenda company. The vulnerability is caused by the mac parameter of the formWriteFacMac function of the /goform/WriteFacMac file failing to properly filter special characters and commands in the constructed command. Attackers can exploit this vulnerability to cause arbitrary command execution
VAR-202403-0744 | CVE-2024-2558 | Tenda AC18 formexeCommand function buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257057 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. The vulnerability is caused by the cmdinput parameter of the formexeCommand function in the /goform/execCommand file failing to correctly verify the length of the input data. A remote attacker can exploit this vulnerability to execute on the system. Arbitrary code or lead to denial of service attacks
VAR-202403-0846 | CVE-2024-2547 | Tenda AC18 R7WebsSecurityHandler function buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257000. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda AC18 is a router made by the Chinese company Tenda. This vulnerability is caused by the password parameter of the R7WebsSecurityHandler function failing to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service
VAR-202403-0755 | CVE-2024-2546 | Tenda AC18 fromSetWirelessRepeat function buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda AC18 is a router made by the Chinese company Tenda. This vulnerability is caused by the failure of the wpapsk_crypto5g parameter of the fromSetWirelessRepeat function to correctly verify the length of the input data. A remote attacker can use this vulnerability to execute arbitrary code on the system or cause a denial of service attack
VAR-202403-0709 | CVE-2024-2490 | Tenda AC18 setSchedWifi function buffer overflow vulnerability |
CVSS V2: 9.0 CVSS V3: 8.8 Severity: HIGH |
A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256897 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Tenda AC18 is a router made by the Chinese company Tenda. A remote attacker can exploit this vulnerability to execute on the system. Arbitrary code or lead to denial of service attacks
VAR-202403-2944 | No CVE | There is a command execution vulnerability (CNVD-2022-53245) in the operation and maintenance audit system of Beijing COSCO Kirin Technology Co., Ltd. |
CVSS V2: 7.1 CVSS V3: - Severity: HIGH |
Beijing COSCO Kirin Technology Co., Ltd. is a software development company focusing on research and development. The company's main products are COSCO Kirin bastion host, Kirin SSL VPN, Kirin dynamic password system, Kirin cloud desktop, etc. COSCO Kirin bastion machines mainly operate in cloud markets such as Tencent Cloud, Alibaba Cloud, Huawei Cloud, and Inspur Cloud.
There is a command execution vulnerability in the operation and maintenance audit system of Beijing COSCO Kirin Technology Co., Ltd. An attacker can use this vulnerability to gain control of the server.
VAR-202403-2416 | CVE-2023-48788 |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.
VAR-202403-1040 | CVE-2024-28553 | Shenzhen Tenda Technology Co.,Ltd. of AC18 Out-of-bounds write vulnerability in firmware |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function. Shenzhen Tenda Technology Co.,Ltd. of AC18 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state