Tenda Ax1806
61 CVEs affecting Tenda Ax1806. Latest disclosed: 2026-01-21. Critical: 20, High: 39.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-44557 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. |
CVE-2024-44555 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo. |
CVE-2024-44553 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv. |
CVE-2024-44552 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv. |
CVE-2024-44551 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv. |
CVE-2024-44550 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv. |
CVE-2024-44549 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv. |
CVE-2024-44558 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo. |
CVE-2024-44556 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo. |
CVE-2024-44565 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set. |
CVE-2024-44563 | Critical | 9.8 | 2024-08-26 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. |
CVE-2024-40416 | Critical | 9.8 | 2024-07-15 | A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. |
CVE-2024-40415 | Critical | 9.8 | 2024-07-15 | A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. |
CVE-2024-40414 | Critical | 9.8 | 2024-07-15 | A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow. |
CVE-2024-35580 | Critical | 9.8 | 2024-05-20 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv. |
CVE-2024-35571 | Critical | 9.8 | 2024-05-20 | Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. |
CVE-2022-34597 | Critical | 9.8 | 2022-07-06 | Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting. |
CVE-2022-32032 | Critical | 9.8 | 2022-07-01 | Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule. |
CVE-2023-47456 | Critical | 9.1 | 2023-11-07 | Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat. |
CVE-2023-47455 | Critical | 9.1 | 2023-11-07 | Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request paramet… |