CVE-2024-2813

A vulnerability was found in Tenda AC15 15.03.20multi. It has been declared as critical. This vulnerability affects the function formfastsettingwifiset of the file /goform/fastsettingwifiset. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated...

CVE-2024-2814

The CVE-2024-2814 issue affects Tenda AC15, specifically version 15.03.20 multi, where the fromDhcpListClient function in /goform/DhcpListClient is vulnerable. The root cause is a stack-based buffer overflow caused by improper handling of the page argument, which can be exploited remotely and may...

CVE-2024-2813

CVE-2024-2813 affects Tenda AC15 (firmware 15.03.20_multi). The vulnerability is in the function form_fast_setting_wifi_set (/goform/fast_setting_wifi_set); manipulating the ssid parameter causes a stack-based buffer overflow. It is exploitable remotely and exploit details are publicly disclosed....

CVE-2024-2810

A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched...

CVE-2024-2809

A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the atta...

CVE-2024-2811

The CVE-2024-2811 issue affects the Tenda AC15 15.03.20_multi, specifically the function formWifiWpsStart in /goform/WifiWpsStart. The vulnerability is triggered by manipulating the index argument, causing a stack-based buffer overflow. It can be exploited remotely and has been disclosed publicly...

CVE-2024-2810

CVE-2024-2810 affects Tenda AC15 firmware versions 15.03.05.18–15.03.20_multi. The vulnerability is in function formWifiWpsOOB of file /goform/WifiWpsOOB, where manipulating the argument index leads to a stack-based buffer overflow. This can be triggered remotely, with public exploit disclosures....

CVE-2024-2809 Tenda AC15 SetFirewallCfg formSetFirewallCfg stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the atta...

CVE-2024-2809

Summary of CVE-2024-2809 (Tenda AC15) A stack-based buffer overflow vulnerability exists in the Tenda AC15 router, specifically in the function formSetFirewallCfg of the page /goform/SetFirewallCfg . Manipulation of the argument firewallEn can be exploited remotely to gain execution on the device...

CVE-2024-2808

CVE-2024-2808 affects Tenda AC15 (versions 15.03.05.18 through 15.03.20_multi). The flaw is in function formQuickIndex of /goform/QuickIndex, where manipulating the PPPOEPassword argument triggers a stack-based buffer overflow. Impact includes potential unauthorized remote code execution with eff...

CVE-2024-2807

CVE-2024-2807 – Tenda AC15 : A stack-based buffer overflow in the /goform/expandDlnaFile endpoint, arising from unsafely handling the filePath parameter in the function formExpandDlnaFile. Affected: Tenda AC15 firmware 15.03.05.18 and 15.03.20_multi. Impact: remote attacker could exploit to execu...

CVE-2024-2806 Tenda AC15 addWifiMacFilter stack-based overflow

A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20multi. This affects the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceId/deviceMac leads to stack-based buffer overflow. It is possible to initiate the...

CVE-2024-2805

Summary: CVE-2024-2805 affects Tenda AC15 routers (versions 15.03.05.18–15.03.20_multi) via the /goform/SetSpeedWan endpoint. The root cause is a stack-based buffer overflow triggered by manipulating the speed_dir argument in the formSetSpeedWan function, which can be exploited remotely and may i...

CVE-2024-2764 Tenda AC10U SetPptpServerCfg formSetPPTPServer stack-based overflow

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.48. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument endIP leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...

CVE-2024-2764

The CVE-2024-2764 vulnerability affects Tenda AC10U 15.03.06.48, specifically the function formSetPPTPServer within /goform/SetPptpServerCfg. The issue is a stack-based buffer overflow caused by improper handling of the endIP argument, enabling remote initiation of an attack. Public exploits have...

CVE-2024-27683

D-Link Go-RT-AC750 (GORTAC750_A1_FW_v101b03) is affected by a stack-based buffer overflow in the hnap_main function. An attacker can trigger this via a crafted POST request to the vulnerable API, potentially enabling arbitrary code execution or causing device instability/DoS. Public details indic...

CVE-2024-2711

A vulnerability was found in Tenda AC10U 15.03.06.48. It has been rated as critical. Affected by this issue is the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceMac leads to stack-based buffer overflow. The attack may be launched remotely...

CVE-2024-2709

A vulnerability was found in Tenda AC10U 15.03.06.49. It has been classified as critical. Affected is the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

CVE-2024-2711

CVE-2024-2711 affects Tenda AC10U firmware 15.03.06.48. The vulnerability is in the addWifiMacFilter function located at /goform/addWifiMacFilter, where manipulating the deviceMac argument leads to a stack-based buffer overflow. Attacks may be launched remotely, and the exploit has been publicly ...

CVE-2024-2710

CVE-2024-2710 affects Tenda AC10U 15.03.06.49. The vulnerability resides in the setSchedWifi function in /goform/openSchedWifi, where manipulating the schedStartTime parameter causes a stack-based buffer overflow. This can be exploited remotely and, per multiple sources, the exploit has been publ...