Tenda AC7 安全漏洞

Tenda AC7 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC7 version 15.03.06.44, which originates from the parameter upnpEn in the file /goform/SetUpnpCfg that fails to correctly validate the length of the input data, and can be exploited by a...

CVE-2024-32301

Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function...

CVE-2023-41557

CVE-2023-41557 affects Tenda AC7 (v1.0, v15.03.06.44) and Tenda AC5 (v1.0RTL, v15.03.06.28). A stack overflow is triggered via the entrys and mitInterface parameters at /goform/addressNat, enabling a high-severity, network-based impact with no user interaction. CVSS v3.1 indicates a critical base...

CVE-2023-41558

CVE-2023-41558 affects Tenda AC7 router (V15.03.06.44). The issue is a stack overflow in the timeZone parameter of /goform/SetSysTimeCfg, allowing malformed input to overflow a stack buffer. Reported impacts include potential arbitrary code execution or denial of service. Public details across so...

CVE-2023-41558

Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter timeZone at url /goform/SetSysTimeCfg...

CVE-2023-41552

Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42multi were discovered to contain a stack overflow via parameter ssid at url /goform/fastsettingwifiset...

CVE-2023-38936

Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42multi and FH1205 V2.0.0.7775 were discovered to contain a stack overflow via the speeddir parameter in the formSetSpeedWan function...