Ac18 Firmware Security Vulnerabilities - CVSS Score 9 - 10
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request.
9.8CVSS
9.6AI Score
0.014EPSS
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a po...
9.8CVSS
9.4AI Score
0.005EPSS
Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
9.8CVSS
9.7AI Score
0.011EPSS
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/saveParentControlInfo.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the urls parameter at /goform/saveParentControlInfo.
9.8CVSS
9.6AI Score
0.002EPSS
Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set
9.8CVSS
9.5AI Score
0.002EPSS
Tenda AC18 V15.03.05.19(6318) was discovered to contain a stack overflow via the time parameter in the fromSetSysTime function.
9.8CVSS
9.7AI Score
0.002EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.
9.8CVSS
9.4AI Score
0.003EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.
9.8CVSS
9.4AI Score
0.003EPSS
9.8CVSS
9.4AI Score
0.002EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo.
9.8CVSS
9.4AI Score
0.002EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/formWifiBasicSet.
9.8CVSS
9.4AI Score
0.002EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/add_white_node.
9.8CVSS
9.4AI Score
0.002EPSS
9.8CVSS
9.4AI Score
0.002EPSS
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/fromSetWirelessRepeat.
9.8CVSS
9.4AI Score
0.002EPSS
Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.
9.8CVSS
9.7AI Score
0.008EPSS
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
9.8CVSS
9.6AI Score
0.003EPSS
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function.
9.8CVSS
7.2AI Score
0.001EPSS
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to launch the attack remotely. The exploit has been disc...
9.8CVSS
7.3AI Score
0.001EPSS
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function.
9.8CVSS
7.2AI Score
0.001EPSS