CWE-120— Buffer Copy without Checking Size (Classic Buffer Overflow)

CVE-2022-45663HIGHCVSS 7.5EG 7.5

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.

CVE-2022-45664HIGHCVSS 7.5EG 7.5

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.

CVE-2022-45665HIGHCVSS 7.5EG 7.5

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.

CVE-2022-45666HIGHCVSS 7.5EG 7.5

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.

CVE-2022-45669HIGHCVSS 7.5EG 7.5

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.

CVE-2022-45670HIGHCVSS 7.5EG 7.5

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.

CVE-2022-45671HIGHCVSS 7.5EG 7.5

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.

CVE-2022-45672HIGHCVSS 7.5EG 7.5

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.

CVE-2022-45706CRITICALCVSS 9.8EG 9.8

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.

CVE-2022-45707CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.

CVE-2022-45708CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.

CVE-2022-45710CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function.

CVE-2022-45712CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.

CVE-2022-45714CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.

CVE-2022-45715CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.

CVE-2022-45716CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.

CVE-2022-45718CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.

CVE-2022-45719CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.

CVE-2022-45720CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.

CVE-2022-45721CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.

CVE-2022-45995CRITICALCVSS 9.8EG 9.8

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.

2023-01-05

There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414.

CVE-2022-45997HIGHCVSS 7.2EG 7.2

2022-12-12

Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow.

CVE-2022-4608HIGHCVSS 7.5EG 7.5

2023-07-26

A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-3. After session res…

CVE-2022-46456MEDIUMCVSS 6.1EG 7.8

2023-01-04

NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c.

CVE-2022-46527HIGHCVSS 7.5EG 7.5

2023-09-01

ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.

CVE-2022-46530HIGHCVSS 7.5EG 7.5

CVE-2022-46531HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mac parameter at /goform/GetParentControlInfo.

CVE-2022-46532HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/addWifiMacFilter.

CVE-2022-46533HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter.

CVE-2022-46534HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState.

CVE-2022-46535HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the speed_dir parameter at /goform/SetSpeedWan.

CVE-2022-46536HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState.

CVE-2022-46537HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState.

CVE-2022-46539HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /goform/WifiBasicSet.

CVE-2022-46540HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security_5g parameter at /goform/WifiBasicSet.

CVE-2022-46541HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat.

CVE-2022-46542HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set.

CVE-2022-46543HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/addressNat.

CVE-2022-46544HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mitInterface parameter at /goform/addressNat.

CVE-2022-46545HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /goform/exeCommand.

CVE-2022-46546HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.

CVE-2022-46547HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/RouteStatic.

CVE-2022-46548HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer.

CVE-2022-46549HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/DhcpListClient.

CVE-2022-46550HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo.

CVE-2022-46551HIGHCVSS 7.5EG 7.5

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the urls parameter at /goform/saveParentControlInfo.