8 matches found
CVE-2022-36273
The CVE-2022-36273 entry affects Tenda AC9, specifically version 15.03.2.21_cn. The vulnerability is a command injection via the API endpoint goform/SetSysTimeCfg, enabling an attacker to execute arbitrary commands on the device. Reported impacts are high (confidentiality, integrity, and availabi...
CVE-2022-25417
Tenda AC9 V15.03.2.21cn was discovered to contain a stack overflow via the function saveparentcontrolinfo...
Stack overflow
Tenda AC9 V15.03.2.21cn was discovered to contain a stack overflow via the function openSchedWifi...
Stack overflow
Tenda AC9 V15.03.2.21cn was discovered to contain a stack overflow via the function saveparentcontrolinfo...
CVE-2022-25418
The CVE-2022-25418 entry concerns Tenda AC9 (V15.03.2.21_cn) with a stack overflow in the openSchedWifi function. The connected documents confirm a stack overflow vulnerability that could enable arbitrary code execution on affected devices. The CVSS metrics indicate a network-remote, low-attack-c...
CVE-2022-25418
Tenda AC9 V15.03.2.21cn was discovered to contain a stack overflow via the function openSchedWifi...
CVE-2022-25417
CVE-2022-25417 affects the Tenda AC9 router with firmware version V15.03.2.21_cn . The vulnerability is a stack overflow in the function saveparentcontrolinfo . The CVSS-3.1 base score is 9.8 (CRITICAL) with network exploitability, no user interaction, and impact to confidentiality, integrity, an...
CVE-2022-25414
The CVE-2022-25414 entry concerns Tenda AC9 (V15.03.2.21_cn). The vulnerability is a stack overflow caused by improper handling of the NPTR parameter, as described in multiple sources (CNVD, CNNVD, Red Hat, NVD). Affected product is a wireless router; the root cause is a memory bounds handling is...