12 matches found
CVE-2026-51843
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter...
PT-2026-50968
Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow occurs in the '/goform/AdvSetMacMtuWan' endpoint through the mac parameter. A stack buffer overflow is a condition where a program writes more data to a buffer located on the...
CVE-2025-11528 Tenda AC7 saveAutoQos stack-based overflow
A vulnerability was identified in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/saveAutoQos. The manipulation of the argument enable leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be us...
EUVD-2025-33258
A vulnerability was identified in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/saveAutoQos. The manipulation of the argument enable leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be us...
CVE-2025-11523
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
EUVD-2025-33268
A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...
CVE-2025-11524
CVE-2025-11524 affects Tenda AC7 routers (firmware 15.03.06.44). The defect is a stack-based buffer overflow in /goform/SetDDNSCfg via the ddnsEn parameter, enabling remote code execution (exploit published; PoC/attacks possible). Exploit maturity: PoC. Remediation: update to a newer firmware ver...
CVE-2025-11523 Tenda AC7 AdvSetLanip command injection
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used...
CVE-2025-29137
Tenda AC7 V1.0 V15.03.06.44 found a buffer overflow caused by the timeZone parameter in the formfastsettingwifiset function, which can cause RCE...
CVE-2024-32301
Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, China. A security vulnerability exists in Tenda AC7 version 15.03.06.44 due to a buffer overflow in the index parameter of the formWifiWpsOOB method...
Tenda AC7 安全漏洞
Tenda AC7 is a wireless router from Tenda, a Chinese company. A security vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from a buffer overflow vulnerability in the list parameter of the formSetQosBand method. No details of the vulnerability are available at this time...