d1tto/IoT-vuln

Releases0

Stars21

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-32045 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4.
CVE-2022-32044 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80.
CVE-2022-32053 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.
CVE-2022-32052 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.
CVE-2022-32051 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.
CVE-2022-32050 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.
CVE-2022-32049 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.
CVE-2022-32048 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88.
CVE-2022-32047 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4.
CVE-2022-32037 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
CVE-2022-32034 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	7.8 HIGH
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
CVE-2022-32039 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient.
CVE-2022-32043 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo.
CVE-2022-32041 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData.
CVE-2022-32036 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	7.8 HIGH
Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
CVE-2022-32035 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	7.8 HIGH
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
CVE-2022-32033 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
CVE-2022-32040 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm.
CVE-2022-32046 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	5 MEDIUM
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c.
CVE-2022-32031 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
CVE-2022-32030 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
CVE-2022-32032 ↗	Jul 1, 2022Friday, 1 July 2022, 18:15	9.8 CRITICAL	10 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
CVE-2022-29395 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4.
CVE-2022-29394 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.
CVE-2022-29399 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0.
CVE-2022-29398 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c.
CVE-2022-29397 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.
CVE-2022-29391 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.
CVE-2022-29396 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10.
CVE-2022-29392 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24.
CVE-2022-29393 ↗	May 10, 2022Tuesday, 10 May 2022, 20:15	9.8 CRITICAL	10 HIGH
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc.
CVE-2022-28970 ↗	May 6, 2022Friday, 6 May 2022, 14:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS).
CVE-2022-28969 ↗	May 6, 2022Friday, 6 May 2022, 14:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS).
CVE-2022-28973 ↗	May 6, 2022Friday, 6 May 2022, 14:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS).
CVE-2022-28972 ↗	May 6, 2022Friday, 6 May 2022, 14:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS).
CVE-2022-28971 ↗	May 6, 2022Friday, 6 May 2022, 14:15	7.5 HIGH	7.8 HIGH
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS).