Filtered by vendor Tenda
Subscriptions
Filtered by product Ac15 Firmware
Subscriptions
Total
52 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-30378 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. | ||||
| CVE-2023-30376 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. | ||||
| CVE-2023-30375 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. | ||||
| CVE-2023-30373 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. | ||||
| CVE-2023-30372 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. | ||||
| CVE-2023-30371 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | ||||
| CVE-2023-30370 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. | ||||
| CVE-2023-30369 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2023-04-28 | 9.8 Critical |
| Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. | ||||
| CVE-2022-44156 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-11-22 | 7.5 High |
| Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind. | ||||
| CVE-2022-44167 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-11-21 | 7.5 High |
| Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer. | ||||
| CVE-2022-44168 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-11-21 | 7.5 High |
| Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic.. | ||||
| CVE-2022-44169 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-11-21 | 7.5 High |
| Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer. | ||||
| CVE-2022-43259 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-10-20 | 7.5 High |
| Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. | ||||
| CVE-2017-16923 | 1 Tenda | 6 Ac15, Ac15 Firmware, Ac18 and 3 more | 2022-10-03 | N/A |
| Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN. This occurs because the "sub_A6E8 usbeject_process_entry" function executes a system function with untrusted input. | ||||
| CVE-2022-40851 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-09-23 | 9.8 Critical |
| Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. | ||||
| CVE-2022-37175 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-08-23 | 9.8 Critical |
| Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. | ||||
| CVE-2020-10987 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2021-07-21 | 9.8 Critical |
| The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. | ||||
| CVE-2020-15916 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2020-07-27 | 9.8 Critical |
| goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. | ||||
| CVE-2020-10988 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2020-07-15 | 9.8 Critical |
| A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. | ||||
| CVE-2020-10986 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2020-07-15 | 6.5 Medium |
| A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page. | ||||