Filtered by vendor Tenda
Subscriptions
Filtered by product Ac9
Subscriptions
Total
60 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25431 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function. | ||||
| CVE-2022-25433 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function. | ||||
| CVE-2022-25434 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function. | ||||
| CVE-2022-25435 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function. | ||||
| CVE-2022-25437 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | ||||
| CVE-2022-25438 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function. | ||||
| CVE-2022-25439 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. | ||||
| CVE-2022-25440 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. | ||||
| CVE-2022-25441 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2023-08-08 | 9.8 Critical |
| Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. | ||||
| CVE-2023-37716 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2023-07-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting. | ||||
| CVE-2023-37717 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2023-07-21 | 9.8 Critical |
| Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient. | ||||
| CVE-2017-16923 | 1 Tenda | 6 Ac15, Ac15 Firmware, Ac18 and 3 more | 2022-10-03 | N/A |
| Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to execute arbitrary OS commands via a crafted cgi-bin/luci/usbeject?dev_name= GET request from the LAN. This occurs because the "sub_A6E8 usbeject_process_entry" function executes a system function with untrusted input. | ||||
| CVE-2022-36571 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-09-02 | 7.2 High |
| Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting. | ||||
| CVE-2022-36570 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-09-02 | 7.2 High |
| Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg. | ||||
| CVE-2022-36569 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-09-02 | 8.8 High |
| Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg. | ||||
| CVE-2022-36568 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-09-02 | 8.8 High |
| Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList. | ||||
| CVE-2021-42659 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-07-12 | 6.5 Medium |
| There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. | ||||
| CVE-2022-28560 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-05-11 | 9.8 Critical |
| There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | ||||
| CVE-2022-27022 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-04-14 | 9.8 Critical |
| There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload. | ||||
| CVE-2022-27016 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-04-14 | 9.8 Critical |
| There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn. | ||||