Tenda Technology G3
Approved changes feed: RSS · Atom
cpe:2.3:h:tendacn:g3:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Tendacn (911f347d-94dc-5fe9-b545-6a7f771d2f53) |
|---|---|
| Product | G3 (bca8aac7-b96a-53cf-99a9-8b8a91b50682) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-46628 |
not_vulnerable | 2026-06-03 14:56:59.668793 |
Details available
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE) vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function.
Published: 2024-09-26T00:00:00.000Z
Updated: 2024-09-26T20:23:59.058Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24172 |
not_vulnerable | 2026-06-03 14:46:29.437066 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDhcpBindRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the addDhcpRules parameter.
Published: 2022-02-04T01:32:56.000Z
Updated: 2024-08-03T04:07:01.524Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24171 |
not_vulnerable | 2026-06-03 14:46:29.436726 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters.
Published: 2022-02-04T01:32:57.000Z
Updated: 2024-08-03T04:07:01.501Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24170 |
not_vulnerable | 2026-06-03 14:46:29.436383 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpSecTunnel. This vulnerability allows attackers to execute arbitrary commands via the IPsecLocalNet and IPsecRemoteNet parameters.
Published: 2022-02-04T01:32:58.000Z
Updated: 2024-08-03T04:07:01.577Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24169 |
not_vulnerable | 2026-06-03 14:46:29.436021 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindAdd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRule parameter.
Published: 2022-02-04T01:32:59.000Z
Updated: 2024-08-03T04:07:02.317Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24168 |
not_vulnerable | 2026-06-03 14:46:29.435677 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetIpGroup. This vulnerability allows attackers to execute arbitrary commands via the IPGroupStartIP and IPGroupEndIP parameters.
Published: 2022-02-04T01:32:59.000Z
Updated: 2024-08-03T04:07:01.543Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24167 |
not_vulnerable | 2026-06-03 14:46:29.435325 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetDMZ. This vulnerability allows attackers to execute arbitrary commands via the dmzHost1 parameter.
Published: 2022-02-04T01:33:01.000Z
Updated: 2024-08-03T04:07:01.389Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24166 |
not_vulnerable | 2026-06-03 14:46:29.434964 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the manualTime parameter.
Published: 2022-02-04T01:33:01.000Z
Updated: 2024-08-03T04:07:01.940Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24165 |
not_vulnerable | 2026-06-03 14:46:29.434585 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetQvlanList. This vulnerability allows attackers to execute arbitrary commands via the qvlanIP parameter.
Published: 2022-02-04T01:33:02.000Z
Updated: 2024-08-03T04:07:01.458Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-24164 |
not_vulnerable | 2026-06-03 14:46:29.434087 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetVirtualSer. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsHijackRule parameter.
Published: 2022-02-04T01:33:04.000Z
Updated: 2024-08-03T04:07:02.043Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45997 |
not_vulnerable | 2026-06-03 14:45:39.184037 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.
Published: 2022-02-04T01:33:39.000Z
Updated: 2024-08-04T04:54:31.240Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45996 |
not_vulnerable | 2026-06-03 14:45:39.183690 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.
Published: 2022-02-04T01:33:40.000Z
Updated: 2024-08-04T04:54:31.224Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45995 |
not_vulnerable | 2026-06-03 14:45:39.183347 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetStaticRoute. This vulnerability allows attackers to cause a Denial of Service (DoS) via the staticRouteNet, staticRouteMask, and staticRouteGateway parameters.
Published: 2022-02-04T01:33:40.000Z
Updated: 2024-08-04T04:54:31.135Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45994 |
not_vulnerable | 2026-06-03 14:45:39.182927 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the delDhcpIndex parameter.
Published: 2022-02-04T01:33:41.000Z
Updated: 2024-08-04T04:54:31.118Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45993 |
not_vulnerable | 2026-06-03 14:45:39.182578 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindModify. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRuleIP and IPMacBindRuleMac parameters.
Published: 2022-02-04T01:33:41.000Z
Updated: 2024-08-04T04:54:31.107Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45992 |
not_vulnerable | 2026-06-03 14:45:39.182234 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetQvlanList. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qvlanName parameter.
Published: 2022-02-04T01:33:44.000Z
Updated: 2024-08-04T04:54:31.260Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45991 |
not_vulnerable | 2026-06-03 14:45:39.181883 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddVpnUsers. This vulnerability allows attackers to cause a Denial of Service (DoS) via the vpnUsers parameter.
Published: 2022-02-04T01:33:45.000Z
Updated: 2024-08-04T04:54:31.217Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45990 |
not_vulnerable | 2026-06-03 14:45:39.181527 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function uploadPicture. This vulnerability allows attackers to execute arbitrary commands via the pic_name parameter.
Published: 2022-02-04T01:33:46.000Z
Updated: 2024-08-04T04:54:31.261Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45989 |
not_vulnerable | 2026-06-03 14:45:39.181178 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDownstream parameters.
Published: 2022-02-04T01:33:46.000Z
Updated: 2024-08-04T04:54:31.137Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45988 |
not_vulnerable | 2026-06-03 14:45:39.180817 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter.
Published: 2022-02-04T01:33:47.000Z
Updated: 2024-08-04T04:54:31.233Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45987 |
not_vulnerable | 2026-06-03 14:45:39.180433 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetNetCheckTools. This vulnerability allows attackers to execute arbitrary commands via the hostName parameter.
Published: 2022-02-04T01:33:48.000Z
Updated: 2024-08-04T04:54:31.238Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-45986 |
not_vulnerable | 2026-06-03 14:45:39.179951 |
Details available
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection vulnerability in the function formSetUSBShareInfo. This vulnerability allows attackers to execute arbitrary commands via the usbOrdinaryUserName parameter.
Published: 2022-02-04T01:33:50.000Z
Updated: 2024-08-04T04:54:31.221Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-27692 |
not_vulnerable | 2026-06-03 14:44:16.490741 |
Details available
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.
Published: 2021-04-15T23:14:32.000Z
Updated: 2024-08-03T21:26:10.675Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-27691 |
not_vulnerable | 2026-06-03 14:44:16.490189 |
Details available
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" function executes glibc's system function with untrusted input.
Published: 2021-04-15T23:14:46.000Z
Updated: 2024-08-03T21:26:10.746Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.