CVE-2026-4974

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-4974

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

CVE-2026-4974 Tenda AC7 POST Request SetSysTimeCfg fromSetSysTime memory corruption

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

CVE-2025-13446

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...

CVE-2025-13446

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...

CVE-2025-13446

CVE-2025-13446 affects the Tenda AC21 router. The vulnerability exists in the /goform/SetSysTimeCfg handler, where improper validation of the timeZone/time input leads to a stack-based buffer overflow. This can be exploited remotely without user interaction, enabling arbitrary code execution or a...

CVE-2025-13446 Tenda AC21 SetSysTimeCfg stack-based overflow

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...

CVE-2025-63456

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

Tenda AC5 安全漏洞

Tenda AC5 is a wireless router from Tenda, a Chinese company. The Tenda AC5 suffers from a stack buffer overflow vulnerability, which originates from the failure of the parameters time and timeZone in the file /goform/SetSysTimeCfg to correctly validate the length of the input data, which can be...

CVE-2022-36273

Tenda AC9 V15.03.2.21cn is vulnerable to command injection via goform/SetSysTimeCfg...

The vulnerability of the fromSetSysTime() function (/goform/SetSysTimeCfg) in the Tenda AC10 router’s microprogramming software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the fromSetSysTime function /goform/SetSysTimeCfg in the Tenda AC10 router’s microprogramming system is related to the operation where the output goes beyond the buffer in memory when processing the timeZone parameter. Exploiting this vulnerability can allow an attacker to...

CVE-2024-2856

A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack may be...

PT-2024-2395 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 versions 15.03.05.18 through 15.03.05.19 and version 15.03.20 Description: A critical vulnerability was found in the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to a...

CVE-2023-41558

Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter timeZone at url /goform/SetSysTimeCfg...

CVE-2023-41558

Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter timeZone at url /goform/SetSysTimeCfg...

CVE-2023-40898

Tenda AC8 v4 USAC8V4.0siV16.03.34.06cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg...

CVE-2023-40898

Tenda AC8 v4 USAC8V4.0siV16.03.34.06cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg...

CVE-2023-24212

Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg...

Tenda AX3 缓冲区错误漏洞

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from a stack overflow vulnerabili...

Tenda AC21 缓冲区错误漏洞

The Tenda AC21 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC21 version V16.03.08.15, which stems from the lack of length checking of input data in the fromSetSysTime function of /bin/httpd, which can be exploited to cause httpd to restart...