aixiao0621

13 exploits Active since Sep 2023
CVE-2023-42320 WRITEUP CRITICAL WORKING POC
Tenda Ac10 Firmware - Buffer Overflow
Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote attacker to cause a denial of service via the mac parameter in the GetParentControlInfo function.
CVSS 9.8
CVE-2023-44013 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the list parameter in the fromSetIpMacBind function.
CVSS 9.8
CVE-2023-44014 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack overflows in the formSetMacFilterCfg function via the macFilterType and deviceList parameters.
CVSS 9.8
CVE-2023-44015 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the schedEndTime parameter in the setSchedWifi function.
CVSS 9.8
CVE-2023-44016 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
CVSS 9.8
CVE-2023-44017 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
CVSS 9.8
CVE-2023-44018 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.
CVSS 9.8
CVE-2023-44019 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.
CVSS 9.8
CVE-2023-44020 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.
CVSS 9.8
CVE-2023-44021 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function.
CVSS 9.8
CVE-2023-44022 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
CVSS 9.8
CVE-2023-44023 WRITEUP CRITICAL WORKING POC
Tenda AC10U <v1.0 - Buffer Overflow
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
CVSS 9.8
CVE-2024-55156 WRITEUP MEDIUM WRITEUP
Java SDK for CloudEvents <4.0.1 - XSS
An XML External Entity (XXE) vulnerability in the deserializeArgs() method of Java SDK for CloudEvents v4.0.1 allows attackers to access sensitive information via supplying a crafted XML-formatted event message.
CVSS 5.5