745 matches found
CVE-2024-2808
A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiate...
CVE-2024-2855
A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Affected by this vulnerability is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be launched...
CVE-2024-2811
A vulnerability was found in Tenda AC15 15.03.20multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...
PT-2026-22506
Name of the Vulnerable Software and Affected Versions Tenda AC15 versions prior to 15.13.07.14 Description A security issue exists in the TextEditingConversion function of Tenda AC15 routers. The issue is a stack-based buffer overflow that occurs when processing the wpapsk crypto2 4g parameter...
EUVD-2025-131903
Tenda AC15 v15.03.05.18multi issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to acce...
CVE-2025-63666
Tenda AC15 v15.03.05.18multi issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to acce...
CVE-2025-63666
Tenda AC15 v15.03.05.18multi issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to acce...
Tenda AC15 安全漏洞
Tenda AC15 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC15 version v15.03.05.18multi, which stems from an authentication cookie that exposes a password hash and uses a low entropy session identifier, which could lead to session hijacking...
PT-2025-46661
Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.18 multi Description The authentication cookie used by the device exposes the account password hash to the client and utilizes a short, low-entropy suffix as the session identifier. An attacker with network access o...
CVE-2025-63666
CVE-2025-63666 affects Tenda AC15 v15.03.05.18_multi. The flaw is that an authentication cookie exposes the account password hash to the client and uses a short, low-entropy session identifier. An attacker with network access or the ability to run JavaScript in a victim’s browser can steal the co...
Exploit for OS Command Injection in Tenda Ac15_Firmware
Tenda-Router-VR-and-Exploit...
Tenda AC15 ddnsEn Parameter Stack Buffer Overflow Vulnerability
Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol and is mainly designed for home network environment. Tenda AC15 has a stack buffer overflow vulnerability, which originates from the parameter ddnsEn in th...
Tenda AC15 formsaveAutoQos function buffer overflow vulnerability
The Tenda AC15 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC15 version 15.03.05.18, which originates from the parameter enable in the file /goform/saveAutoQos that fails to correctly validate the length of the input data, and can be...
Tenda AC15 formfast_setting_pppoe_set function buffer overflow vulnerability
The Tenda AC15 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda AC15 formfastsettingpppoeset function, which can be exploited by an attacker to execute arbitrary code on the system or cause a denial of service...
Tenda AC15 newVersion Parameter Stack Buffer Overflow Vulnerability
Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol and is mainly designed for home network environment. Tenda AC15 has a stack buffer overflow vulnerability, which originates from the parameter newVersion i...
CVE-2025-11389
A security flaw has been discovered in Tenda AC15 15.03.05.18. Affected is an unknown function of the file /goform/saveAutoQos. Performing a manipulation of the argument enable results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to...
CVE-2025-11388
A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used...
CVE-2025-11387
A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fastsettingpppoeset. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may ...
CVE-2025-11386
A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit...
EUVD-2025-32706
A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit...