Ac15 Firmware Security Vulnerabilities

CVE-2024-2855

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Affected by this vulnerability is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be launched...

CVE-2024-2852

A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer overflow. The attack can be initiated....

CVE-2024-2851

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to initiate the attack...

CVE-2024-2850

A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Affected by this issue is the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer overflow. The attack may be launched remotely....

CVE-2024-2816

A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...

CVE-2024-2817

A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit....

CVE-2024-2815

A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to...

CVE-2024-2814

A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The...

CVE-2024-2813

A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be...

CVE-2024-2812

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The....

CVE-2024-2811

A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit....

CVE-2024-2810

A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched.....

CVE-2024-2809

A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the...

CVE-2024-2808

A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be...

CVE-2024-2806

A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This affects the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceId/deviceMac leads to stack-based buffer overflow. It is possible to initiate the.....

CVE-2024-2807

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vulnerability affects the function formExpandDlnaFile of the file /goform/expandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow. The attack can be initiated...

CVE-2023-39673

Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function...

CVE-2023-30376

In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow...

CVE-2023-30371

In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow...

CVE-2023-30373

In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow...

CVE-2023-30375

In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow...

CVE-2023-30378

In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow...

CVE-2023-30372

In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow...

CVE-2023-30370

In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow...

CVE-2023-30369

Tenda AC15 V15.03.05.19 is vulnerable to Buffer...

CVE-2022-44156

Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function...

CVE-2022-44169

Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function...

CVE-2022-44167

Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function...

CVE-2022-44168

Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function...

CVE-2022-43259

Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set...

CVE-2017-16923

Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18...

CVE-2018-14492

Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform...

CVE-2022-40851

Tenda AC15 V15.03.05.19 contained a stack overflow via the function...

CVE-2022-40862

Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request...

CVE-2022-40869

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*"...

CVE-2022-40853

Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at...

CVE-2022-40865

Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request...

CVE-2022-40860

Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request...

CVE-2022-40864

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request...

CVE-2022-38326

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at...

CVE-2022-38325

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at...

CVE-2022-37175

Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in...

CVE-2022-28557

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command...

CVE-2022-28556

Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow....

CVE-2021-44971

Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement...

CVE-2021-44352

A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in...

CVE-2020-15916

goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST...

CVE-2020-10988

A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the...

CVE-2020-10987

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST...

CVE-2020-10989

An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST...