Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45505 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand. | |||||
| CVE-2024-52789 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-07 | N/A | 8.0 HIGH |
| Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | |||||
| CVE-2024-32293 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.0 HIGH |
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromDhcpListClient function. | |||||
| CVE-2024-32292 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.8 HIGH |
| Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. | |||||
| CVE-2024-32291 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 7.5 HIGH |
| Tenda W30E v1.0 firmware v1.0.1.25(633) has a stack overflow vulnerability via the page parameter in the fromNatlimit function. | |||||
| CVE-2024-32290 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 6.7 MEDIUM |
| Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function. | |||||
| CVE-2024-32288 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 6.3 MEDIUM |
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromwebExcptypemanFilter function. | |||||
| CVE-2024-32287 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 6.5 MEDIUM |
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the qos parameter in the fromqossetting function. | |||||
| CVE-2024-32286 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromVirtualSer function. | |||||
| CVE-2024-32285 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.0 HIGH |
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the password parameter in the formaddUserName function. | |||||
| CVE-2023-25231 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-10 | N/A | 9.8 CRITICAL |
| Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | |||||
| CVE-2024-3881 | 1 Tenda | 2 W30e, W30e Firmware | 2025-01-27 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W30E 1.0.1.25(633) and classified as critical. This issue affects the function frmL7PlotForm of the file /goform/frmL7ProtForm. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-260915. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3882 | 1 Tenda | 2 W30e, W30e Firmware | 2025-01-27 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W30E 1.0.1.25(633). It has been classified as critical. Affected is the function fromRouteStatic of the file /goform/fromRouteStatic. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260916. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3879 | 1 Tenda | 2 W30e, W30e Firmware | 2025-01-27 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda W30E 1.0.1.25(633). This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260913 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3880 | 1 Tenda | 2 W30e, W30e Firmware | 2025-01-27 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability has been found in Tenda W30E 1.0.1.25(633) and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-260914 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-50002 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formRebootMeshNode. | |||||
| CVE-2023-50001 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formUpgradeMeshOnline. | |||||
| CVE-2023-50000 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formResetMeshNode. | |||||
| CVE-2023-49999 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition. | |||||
| CVE-2023-49411 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode. | |||||