Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-32033PUBLISHED: 2022-07-01Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
CVE-2022-32034PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
CVE-2022-32035PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
CVE-2022-32036PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
CVE-2022-32037PUBLISHED: 2022-07-01Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
User Rank: Moderator
10/29/2014 | 1:05:24 PM
Take a look at page 6 and 7 of their report for some additional information. I'd also suggest contacting them to see if they can put you in touch with one of their technical people who has more background. My guess would be that it's a combination of your common web attacks like SQL injection or usage of stolen credentials to gain access and commit fraud or theft.