CVE-2022-42169 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.
Tenda AC10 V15.03.06.23 contains a SQL Injection vulnerability via /goform/editWifiMacFilter. Tenda AC10 V15.03.06.23 contains a XSS vulnerability via
CVE-2022-42170 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.
This issue can be exploited through maliciously crafted URL that can cause a Stack overflow on the web-server.
Another type of vulnerability that this software
CVE-2022-3126 The Frontend File Manager Plugin before 21.4 did not have CSRF check, which could allow attackers to make logged in users upload files on their behalf.
This issue has been fixed in version 2.6.10. Before installing this plugin, you should make sure your site does not use a file
CVE-2022-41586 The communication framework has a vulnerability of not properly truncating data. This may impact data confidentiality.
This vulnerability may lead to the disclosure of sensitive information, e.g. database log information.
It has been reported that the web interface of the
CVE-2022-41594 The phones have the fingerprint vulnerability. Successful exploitation may affect the fingerprint service.
A local attacker may access and control the smart phone or read personal data from it.
Vulnerabilities Scoring System
The Vulnerabilities Scoring System (VSS) is
Episode
00:00:00
00:00:00