EUVD-2026-29019

A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...

CVE-2025-15215 Tenda AC10U HTTP POST Request setPptpUserList formSetPPTPUserList buffer overflow

A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack...

Tenda AC10U 安全漏洞

Tenda AC10U is a wireless router from Tenda China. A security vulnerability exists in Tenda AC10U version 15.03.06.48 and 15.03.06.49, which originates from an incorrect operation of the parameter list in the file /goform/setPptpUserList, which may result in a buffer overflow...

CVE-2024-32306

Tenda AC10U v1.0 Firmware v15.03.06.49 has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function...

CVE-2024-2707

A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This vulnerability affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. The attack can be initiated remotely. The exploit has...

CVE-2024-2707

The CVE-2024-2707 entry concerns Tenda AC10U (firmware 15.03.06.49). The root cause is improper sanitization in the mac parameter of the /goform/WriteFacMac endpoint (function formWriteFacMac), enabling remote OS command injection. Impact is high: attackers can execute arbitrary commands on affec...

Tenda AC10 Security Vulnerability

Tenda AC10 is a wireless router from Tenda, China. A security vulnerability exists in Tenda AC10U version 15.03.06.49, which is caused by a stack-based buffer overflow in the list parameter of the formSetQosBand function of the /goform/SetNetControlList file...

Tenda AC10 安全漏洞

Tenda AC10U is a wireless router from Tenda China. A buffer overflow vulnerability exists in Tenda AC10U version 15.03.06.49, which originates from the list parameter of the fromSetRouteStatic function in the /goform/SetStaticRouteCfg file that fails to correctly validate the length of the input...

PT-2024-2352 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 15.03.06.49 Description: The issue is related to a stack-based buffer overflow in the formexeCommand function of the /goform/execCommand file. This can be exploited by manipulating the cmdinput argument, potentially allowi...

PT-2024-2443 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 15.03.06.49 Description: A critical issue has been found in the setSchedWifi function of the /goform/openSchedWifi file, which can lead to a stack-based buffer overflow when the schedStartTime argument is manipulated. This...

Tenda AC10 Security Vulnerability

Tenda AC10 is a wireless router from Tenda, China. A security vulnerability exists in Tenda AC10U version 15.03.06.49, which is caused by a stack-based buffer overflow in the mac parameter of the formSetDeviceName function of the /goform/SetOnlineDevName file...

PT-2024-2394 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U versions 15.03.06.48 through 15.03.06.49 Description: A critical issue affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. The attack may b...

PT-2024-1366 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 15.03.06.49 multi TDE01 Description: The issue is related to the function formWifiWpsOOB and involves a stack-based buffer overflow due to the manipulation of the index argument. This can be exploited remotely, potentially...

PT-2024-1374 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 15.03.06.49 multi TDE01 Description: The issue is related to a critical vulnerability affecting the saveParentControlInfo function, which is associated with a stack-based buffer overflow. This can be exploited remotely by...

PT-2024-1371 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 15.03.06.49 multi TDE01 Description: A critical vulnerability was found in the Tenda AC10U, affecting the function formSetPPTPServer. The manipulation of the startIp argument leads to a stack-based buffer overflow. This...

CVE-2023-44021

Tenda AC10U v1.0 USAC10UV1.0RTLV15.03.06.49multiTDE01 was discovered to contain a stack overflow via the formSetClientState function...

CVE-2021-45401

A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router AC10U V1.0 Firmware V15.03.06.49multi via the setUsbUnload functionality. The vulnerability is caused because the client controlled "deviceName" value is passed directly to the "doSystemCmd" function...