CWE-787

CVE-2022-40853

February 23, 2023 by godfreyd94

Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set

CVE-2022-40854

February 23, 2023 by godfreyd94

Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set

Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request ‘goform/setPortMapping/’. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.

CVE-2022-40860

February 23, 2023 by godfreyd94

Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList

CVE-2022-40861

February 23, 2023 by godfreyd94

Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/

CVE-2022-40862

February 23, 2023 by godfreyd94

Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting