CVE-2022-41498 The id parameter of the Billing System Project v1.0 SQL injection vulnerability was found.
A attacker can inject malicious SQL statements that will result in data being compromised.
An attacker can use this vulnerability to execute SQL commands that
CVE-2022-42171 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo.
Tenda AC10 V15.03.06.23 has a Cross-site scripting(XSS) vulnerability via /goform/saveParentControlInfo.
Tenda AC10 V15.03.06.23 has a SQL injection
CVE-2022-42169 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.
Tenda AC10 V15.03.06.23 contains a SQL Injection vulnerability via /goform/editWifiMacFilter. Tenda AC10 V15.03.06.23 contains a XSS vulnerability via
CVE-2022-42170 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.
This issue can be exploited through maliciously crafted URL that can cause a Stack overflow on the web-server.
Another type of vulnerability that this software
CVE-2022-42168 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind.
This issue can be exploited by sending specially crafted requests to the affected device. A remote user can hijack the device’s session by sending
Episode
00:00:00
00:00:00