Filtered by vendor Tenda Subscriptions
Filtered by product Ac15 Subscriptions
Total 52 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-30378 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability.
CVE-2023-30376 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.
CVE-2023-30375 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.
CVE-2023-30373 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability.
CVE-2023-30372 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability.
CVE-2023-30371 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability.
CVE-2023-30370 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.
CVE-2023-30369 1 Tenda 2 Ac15, Ac15 Firmware 2023-04-28 9.8 Critical
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.
CVE-2022-44156 1 Tenda 2 Ac15, Ac15 Firmware 2022-11-22 7.5 High
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind.
CVE-2022-44167 1 Tenda 2 Ac15, Ac15 Firmware 2022-11-21 7.5 High
Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer.
CVE-2022-44168 1 Tenda 2 Ac15, Ac15 Firmware 2022-11-21 7.5 High
Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic..
CVE-2022-44169 1 Tenda 2 Ac15, Ac15 Firmware 2022-11-21 7.5 High
Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer.
CVE-2022-43259 1 Tenda 2 Ac15, Ac15 Firmware 2022-10-20 7.5 High
Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function.
CVE-2017-16923 1 Tenda 6 Ac15, Ac15 Firmware, Ac18 and 3 more 2022-10-03 N/A
Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN. This occurs because the "sub_A6E8 usbeject_process_entry" function executes a system function with untrusted input.
CVE-2022-40851 1 Tenda 2 Ac15, Ac15 Firmware 2022-09-23 9.8 Critical
Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.
CVE-2022-37175 1 Tenda 2 Ac15, Ac15 Firmware 2022-08-23 9.8 Critical
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.
CVE-2020-10987 1 Tenda 2 Ac15, Ac15 Firmware 2021-07-21 9.8 Critical
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-15916 1 Tenda 2 Ac15, Ac15 Firmware 2020-07-27 9.8 Critical
goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter.
CVE-2020-10988 1 Tenda 2 Ac15, Ac15 Firmware 2020-07-15 9.8 Critical
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.
CVE-2020-10986 1 Tenda 2 Ac15, Ac15 Firmware 2020-07-15 6.5 Medium
A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page.