CVE-2026-24434

Shenzhen Tenda AC7 firmware version V03.03.03.01cn and prior does not implement CSRF protections for administrative functions in the web management interface. The interface does not enforce anti-CSRF tokens or robust origin validation, which can allow an attacker to induce a logged-in administrat...

Tenda AC7 安全漏洞

The Tenda AC7 is a wireless router produced by the Chinese company Tenda. The Tenda AC7 V03.03.03.01cn and earlier versions have security vulnerabilities. These vulnerabilities stem from the exposure of sensitive information during web management responses, which may lead to credential leaks...

The vulnerability of the formSetPPTPUserList() function (/goform/setPptpUserList) in the Tenda AC7 router software allows a hacker to trigger a service failure.

The vulnerability of the formSetPPTPUserList function /goform/setPptpUserList of the Tenda AC7 router’s microprogramming software is related to the copying of buffers without checking the size of the input data when processing the list parameter. Exploiting this vulnerability can allow an attacke...

CVE-2025-5862

A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been...

Tenda AC7 /goform/setMacFilterCfg File Buffer Overflow Vulnerability

Tenda AC7 is a wireless router from Tenda, a Chinese company. Tenda AC7 suffers from a buffer overflow vulnerability, which originates from the parameter deviceList in the file /goform/setMacFilterCfg that fails to correctly validate the length of the input data, and can be exploited by an attack...

Tenda AC7 Stack Overflow Vulnerability (CNVD-2025-05237)

The Tenda AC7 is a wireless router manufactured by Tenda. A stack overflow vulnerability exists in the formSetFirewallCfg function of the /goform/SetFirewallCfg file in Tenda AC7 15.03.06.44 and earlier versions when handling the firewallEn parameter, which stems from the program failing to check...

The vulnerability of the formQuickIndex function (/goform/QuickIndex) in the Tenda AC7 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formQuickIndex function /goform/QuickIndex in the Tenda AC7 router software arises due to a buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the GetParentControlInfo function (/goform/GetParentControlInfo) in the Tenda AC7 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of GetParentControlInfo /goform/GetParentControlInfo in the Tenda AC7 router software is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information through ...

The vulnerability of the `saveParentControlInfo` function (/goform/saveParentControlInfo) in the Tenda AC7 router software allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the saveParentControlInfo function /goform/saveParentControlInfo in the Tenda AC7 router microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...

The vulnerability of the formWifiWpsStart function (/goform/WifiWpsStart) in the Tenda AC7 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formWifiWpsStart function /goform/WifiWpsStart in the Tenda AC7 router software is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information through...

The vulnerability of the formWriteFacMac function (/goform/WriteFacMac) in the Tenda AC7 router software allows a attacker to execute arbitrary commands.

The vulnerability of the fromSetRouteStatic /goform/SetStaticRouteCfg function in the Tenda AC7 router software relates to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

Tenda AC7 fromSetWifiGusetBasic Method Buffer Overflow Vulnerability

Tenda AC7 is a 1200M dual-band wireless router designed for large households by Tenda Technology, which adopts the 802.11ac standard and supports dual-band concurrent transmission with a wireless rate of up to 1167Mbps. Tenda AC7 suffers from a buffer overflow vulnerability that originates from a...

PT-2024-2496 · Tenda · Tenda Ac7

Name of the Vulnerable Software and Affected Versions: Tenda AC7 version 15.03.06.44 Description: A critical issue is present in the Tenda AC7 router's software, related to the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the mac argument leads to os command...

Tenda AC7 Stack Buffer Overflow Vulnerability

Tenda AC7 is a home wireless router launched by Tenda brand, which is mainly positioned as a wall-penetrating enhanced dual-band gigabit device for home network coverage needs. The Tenda AC7 suffers from a stack buffer overflow vulnerability, which originates from the security5g parameter of...

CVE-2023-41559

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42multi, and Tenda AC5 V1.0RTLV15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting...

Tenda AC7 缓冲区错误漏洞

The Tenda AC7 is a wireless router from the Chinese company Tenda. A security vulnerability exists in the Tenda AC7, which is caused by a buffer overflow in the mitInterface parameter of /goform/addressNat...