Total
87 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-42634 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| A Command Injection vulnerability exists in formWriteFacMac of the httpd binary in Tenda AC9 v15.03.06.42. As a result, attacker can execute OS commands with root privileges. | |||||
| CVE-2025-22949 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-04-09 | N/A | 9.8 CRITICAL |
| Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution. | |||||
| CVE-2025-22946 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-04-09 | N/A | 9.8 CRITICAL |
| Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution. | |||||
| CVE-2025-29386 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-29385 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-29384 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-29387 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-17 | N/A | 7.1 HIGH |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2024-25746 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-13 | N/A | 8.8 HIGH |
| Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the add_white_node function. | |||||
| CVE-2024-25748 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-13 | N/A | 8.8 HIGH |
| A Stack Based Buffer Overflow vulnerability in tenda AC9 AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetIpMacBind function. | |||||
| CVE-2024-25753 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-13 | N/A | 8.8 HIGH |
| Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function. | |||||
| CVE-2024-25756 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-13 | N/A | 8.0 HIGH |
| A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the formWifiBasicSet function. | |||||
| CVE-2024-25751 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
| A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute arbitrary code via the fromSetSysTime function. | |||||
| CVE-2023-41563 | 1 Tenda | 4 Ac5, Ac5 Firmware, Ac9 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo. | |||||
| CVE-2023-41562 | 1 Tenda | 6 Ac5, Ac5 Firmware, Ac7 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet. | |||||
| CVE-2023-41561 | 1 Tenda | 4 Ac5, Ac5 Firmware, Ac9 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg. | |||||
| CVE-2023-41560 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg. | |||||
| CVE-2023-41559 | 1 Tenda | 6 Ac5, Ac5 Firmware, Ac7 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting. | |||||
| CVE-2023-41556 | 1 Tenda | 6 Ac5, Ac5 Firmware, Ac7 and 3 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind. | |||||
| CVE-2023-41554 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet. | |||||
| CVE-2023-41553 | 1 Tenda | 4 Ac5, Ac5 Firmware, Ac9 and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg. | |||||