Filtered by vendor Tenda
Subscriptions
Filtered by product W6-s
Subscriptions
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-15255 | 1 Tenda | 2 W6-s, W6-s Firmware | 2026-01-02 | 9.8 Critical |
| A vulnerability was determined in Tenda W6-S 1.0.0.4(510). This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2025-15254 | 1 Tenda | 2 W6-s, W6-s Firmware | 2026-01-02 | 6.3 Medium |
| A vulnerability was found in Tenda W6-S 1.0.0.4(510). This affects the function TendaAte of the file /goform/ate of the component ATE Service. Performing manipulation results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used. | ||||
| CVE-2025-28221 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-05-08 | 7.5 High |
| Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request. | ||||
| CVE-2025-28220 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-05-06 | 7.5 High |
| Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request. | ||||
| CVE-2022-45504 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | ||||
| CVE-2022-45503 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the linkEn parameter at /goform/setAutoPing. | ||||
| CVE-2022-45501 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/wifiSSIDset. | ||||
| CVE-2022-45499 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/WifiMacFilterGet. | ||||
| CVE-2022-45498 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 7.5 High |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | ||||
| CVE-2022-45497 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | 9.8 Critical |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand. | ||||
Page 1 of 1.