GCVE - cpe:2.3:h:tendacn:pa6:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:tendacn:pa6:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Tendacn (`911f347d-94dc-5fe9-b545-6a7f771d2f53`)
Product	Pa6 (`135c4607-7539-5bb5-8a07-ec3dbdfb5316`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-0535`	not_vulnerable	2026-06-03 14:54:02.903378	Tenda PA6 httpd portmap cgiPortMapAdd stack-based overflow HIGH (8.8) A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250705 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: 2024-01-15T03:00:05.330Z Updated: 2024-11-14T14:22:49.337Z Open on db.gcve.eu Reference links https://vuldb.com/?id.250705 https://vuldb.com/?ctiid.250705 https://github.com/jylsec/vuldb/blob/main/Tenda/PA6/2/README.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-19506`	not_vulnerable	2026-06-03 14:40:05.182290	Details available Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot. Published: 2020-06-25T19:22:18.000Z Updated: 2024-08-05T02:16:48.200Z Open on db.gcve.eu Reference links https://securityintelligence.com/posts/vulnerable-powerline-extenders-underline-lax-iot-security/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-19505`	not_vulnerable	2026-06-03 14:40:05.181863	Details available Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. By sending a specially crafted hostname, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. Published: 2020-06-25T19:22:21.000Z Updated: 2024-08-05T02:16:48.207Z Open on db.gcve.eu Reference links https://securityintelligence.com/posts/vulnerable-powerline-extenders-underline-lax-iot-security/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-16213`	not_vulnerable	2026-06-03 14:39:54.006685	Details available Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted string, an attacker could modify the device name of an attached PLC adapter to inject and execute arbitrary commands on the system with root privileges. Published: 2020-06-25T19:19:40.000Z Updated: 2024-08-05T01:10:41.527Z Open on db.gcve.eu Reference links https://securityintelligence.com/posts/vulnerable-powerline-extenders-underline-lax-iot-security/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.