Total
37 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9299 | 1 Tenda | 2 M3, M3 Firmware | 2025-08-25 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in Tenda M3 1.0.0.12. Affected by this vulnerability is the function formGetMasterPassengerAnalyseData of the file /goform/getMasterPassengerAnalyseData. The manipulation of the argument Time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9298 | 1 Tenda | 2 M3, M3 Firmware | 2025-08-25 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda M3 1.0.0.12. Affected is the function formQuickIndex of the file /goform/QuickIndex. Executing manipulation of the argument PPPOEPassword can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2023-51095 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formDelWlRfPolicy. | |||||
| CVE-2023-51094 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a Command Execution vulnerability via the function TendaTelnet. | |||||
| CVE-2023-51093 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function fromSetLocalVlanInfo. | |||||
| CVE-2023-51092 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function upgrade. | |||||
| CVE-2023-51091 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function R7WebsSecurityHandler. | |||||
| CVE-2023-51090 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow via the function formGetWeiXinConfig. | |||||
| CVE-2022-38571 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem. | |||||
| CVE-2022-38570 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter. | |||||
| CVE-2022-38569 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd. | |||||
| CVE-2022-38568 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter. | |||||
| CVE-2022-38567 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter. | |||||
| CVE-2022-38566 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter. | |||||
| CVE-2022-38565 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter. | |||||
| CVE-2022-38564 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter. | |||||
| CVE-2022-38563 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter. | |||||
| CVE-2022-38562 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter. | |||||
| CVE-2022-32043 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo. | |||||
| CVE-2022-32041 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData. | |||||