Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rx9_pro_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 9 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-10-23 | CVE-2024-10283 | A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | Rx9_pro_firmware | 8.8 | ||
| 2024-10-25 | CVE-2024-10351 | A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Rx9_pro_firmware | 8.8 | ||
| 2024-10-23 | CVE-2024-10281 | A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Rx9_pro_firmware | 8.8 | ||
| 2024-10-23 | CVE-2024-10282 | A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | Rx9_pro_firmware | 8.8 | ||
| 2023-11-07 | CVE-2023-43885 | Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device. | Rx9_pro_firmware | 8.1 | ||
| 2023-11-07 | CVE-2023-43886 | A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory. | Rx9_pro_firmware | 7.1 | ||
| 2022-09-16 | CVE-2022-38829 | Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg. | Rx9_pro_firmware | 9.8 | ||
| 2022-09-16 | CVE-2022-38830 | Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status. | Rx9_pro_firmware | 9.8 | ||
| 2022-09-16 | CVE-2022-38831 | Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList | Rx9_pro_firmware | 9.8 |