A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Affected by this vulnerability is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be launched...
9.8CVSS
7AI Score
0.001EPSS
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer overflow. The attack can be initiated....
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to initiate the attack...
9.8CVSS
7.3AI Score
0.001EPSS
A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Affected by this issue is the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer overflow. The attack may be launched remotely....
9.8CVSS
6.8AI Score
0.001EPSS
A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...
6.5CVSS
6.6AI Score
0.0005EPSS
A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit....
6.5CVSS
6.5AI Score
0.0005EPSS
A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to...
9.8CVSS
7.1AI Score
0.001EPSS
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be...
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The...
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The....
8.8CVSS
7.3AI Score
0.001EPSS
A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit....
9.8CVSS
6.8AI Score
0.001EPSS
A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched.....
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the...
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be...
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This affects the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceId/deviceMac leads to stack-based buffer overflow. It is possible to initiate the.....
9.8CVSS
6.9AI Score
0.001EPSS
A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vulnerability affects the function formExpandDlnaFile of the file /goform/expandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow. The attack can be initiated...
9.8CVSS
6.9AI Score
0.001EPSS
Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function...
9.8CVSS
9.7AI Score
0.001EPSS
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow...
9.8CVSS
9.6AI Score
0.001EPSS
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow...
9.8CVSS
9.6AI Score
0.001EPSS
In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow...
9.8CVSS
9.6AI Score
0.001EPSS
In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow...
9.8CVSS
9.6AI Score
0.001EPSS
In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow...
9.8CVSS
9.7AI Score
0.001EPSS
In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow...
9.8CVSS
9.6AI Score
0.001EPSS
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow...
9.8CVSS
9.6AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set...
7.5CVSS
7.7AI Score
0.001EPSS
Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18...
8.8CVSS
9.1AI Score
0.001EPSS
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform...
7.5CVSS
7.6AI Score
0.001EPSS
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request...
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*"...
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at...
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request...
9.8CVSS
9.8AI Score
0.002EPSS
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request...
9.8CVSS
9.5AI Score
0.002EPSS
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request...
9.8CVSS
9.8AI Score
0.002EPSS
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at...
9.8CVSS
9.8AI Score
0.002EPSS
9.8CVSS
9.7AI Score
0.002EPSS
There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command...
9.8CVSS
8.8AI Score
0.006EPSS
Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. The stack overflow vulnerability lies in the /goform/setpptpservercfg interface of the web. The sent post data startip and endip are copied to the stack using the sanf function, resulting in stack overflow....
7.5CVSS
8.6AI Score
0.002EPSS
Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement...
9.8CVSS
8.8AI Score
0.002EPSS
A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in...
9.8CVSS
9.4AI Score
0.002EPSS
goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST...
9.8CVSS
9.8AI Score
0.32EPSS
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the...
9.8CVSS
9.3AI Score
0.009EPSS
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST...
An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST...
6.1CVSS
6.2AI Score
0.001EPSS