Ac10 Firmware Security Vulnerabilities and Issues — Page 2 of Ac10 Firmware CVE List

Lucene search

TendaAc10 Firmware

85 matches found

CVE•added 2025/04/15 7:16 p.m.•40 views

CVE-2025-25456

Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via mac2.

9.8CVSS7AI score0.00106EPSS

CVE•added 2019/04/25 8:29 p.m.•39 views

CVE-2018-14559

An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When proces...

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2018/10/29 12:29 p.m.•39 views

CVE-2018-18707

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, th...

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2018/10/29 12:29 p.m.•39 views

CVE-2018-18730

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and 'endIp' parameters fo...

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2022/10/17 2:15 p.m.•39 views

CVE-2022-42171

Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo.

9.8CVSS9.5AI score0.00171EPSS

CVE•added 2024/11/15 5:15 p.m.•39 views

CVE-2024-11248

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be launched remotely. T...

9CVSS8.9AI score0.00352EPSS

Web

CVE•added 2024/07/29 5:15 p.m.•39 views

CVE-2024-33365

Buffer Overflow vulnerability in Tenda AC10 v4 US_AC10V4.0si_V16.03.10.20_cn allows a remote attacker to execute arbitrary code via the Virtual_Data_Check function in the bin/httpd component.

7.5CVSS7.6AI score0.03699EPSS

CVE•added 2018/10/29 12:29 p.m.•38 views

CVE-2018-18727

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2023/04/07 2:15 a.m.•38 views

CVE-2023-27015

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

9.8CVSS9.7AI score0.00271EPSS

CVE•added 2023/07/10 5:15 p.m.•38 views

CVE-2023-37711

Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the saveParentControlInfo function.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/07 7:15 p.m.•38 views

CVE-2023-38933

Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.

9.8CVSS9.6AI score0.00121EPSS

CVE•added 2023/11/29 6:15 a.m.•37 views

CVE-2023-45479

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.

9.8CVSS9.6AI score0.00255EPSS

CVE•added 2024/11/10 5:15 p.m.•37 views

CVE-2024-11056

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The expl...

9CVSS8.9AI score0.00591EPSS

Web

CVE•added 2023/06/08 3:15 p.m.•36 views

CVE-2023-34566

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo.

9.8CVSS9.6AI score0.00172EPSS

Web

CVE•added 2023/06/08 3:15 p.m.•36 views

CVE-2023-34570

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName.

6.7CVSS6.7AI score0.00031EPSS

Web

CVE•added 2018/10/29 12:29 p.m.•35 views

CVE-2018-18708

7.8CVSS7.7AI score0.00334EPSS

CVE•added 2023/04/07 2:15 a.m.•35 views

CVE-2023-27021

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the formSetFirewallCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.

9.8CVSS9.7AI score0.00113EPSS

CVE•added 2023/06/08 3:15 p.m.•35 views

CVE-2023-34567

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.

6.7CVSS6.7AI score0.00029EPSS

Web

CVE•added 2023/06/08 3:15 p.m.•35 views

CVE-2023-34569

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.

6.7CVSS6.7AI score0.00031EPSS

Web

CVE•added 2023/08/07 7:15 p.m.•35 views

CVE-2023-38931

Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function.

9.8CVSS9.6AI score0.00121EPSS

CVE•added 2023/11/29 6:15 a.m.•35 views

CVE-2023-45481

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.

9.8CVSS9.6AI score0.00243EPSS

CVE•added 2025/05/18 9:15 p.m.•35 views

CVE-2025-4896

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/UserCongratulationsExec. The manipulation of the argument getuid leads to buffer overflow. The attack may be launched remotely. The exploit has be...

9CVSS7.3AI score0.00128EPSS

Web

CVE•added 2022/10/17 2:15 p.m.•34 views

CVE-2022-42169

Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.

9.8CVSS9.6AI score0.00171EPSS

CVE•added 2023/11/29 6:15 a.m.•34 views

CVE-2023-45482

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.

9.8CVSS9.6AI score0.00255EPSS

CVE•added 2023/06/08 3:15 p.m.•30 views

CVE-2023-34571

Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet.

6.7CVSS6.7AI score0.00031EPSS

Web

CVE•added 2023/08/07 7:15 p.m.•30 views

CVE-2023-38935

Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function.

9.8CVSS9.6AI score0.00098EPSS

CVE•added 2023/11/29 6:15 a.m.•29 views

CVE-2023-45484

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.

9.8CVSS9.6AI score0.00255EPSS

CVE•added 2023/11/29 6:15 a.m.•28 views

CVE-2023-45483

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.

9.8CVSS9.6AI score0.00255EPSS

CVE•added 2025/07/26 5:15 a.m.•8 views

CVE-2025-8178

A vulnerability classified as critical has been found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /goform/RequestsProcessLaid. The manipulation of the argument device1D leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been...

9CVSS9AI score0.00094EPSS

Web

CVE•added 2025/08/21 5:15 p.m.•8 views

CVE-2025-9309

A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etc_ro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the atta...

7CVSS7AI score0.00014EPSS

CVE•added 2025/08/28 7:15 p.m.•6 views

CVE-2025-57215

Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info.

7.5CVSS7.3AI score0.00052EPSS

CVE•added 2025/08/28 7:15 p.m.•5 views

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 to escalate privileges to root via a crafted UDP packet.

5.3CVSS6.7AI score0.00048EPSS

CVE•added 2025/08/28 6:15 p.m.•4 views

CVE-2025-57217

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler.

5.3CVSS7.2AI score0.00051EPSS

CVE•added 2025/08/28 6:15 p.m.•4 views

CVE-2025-57218

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C.

5.3CVSS7.2AI score0.00048EPSS

CVE•added 2025/08/28 7:15 p.m.•4 views

CVE-2025-57219

Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request.

5.3CVSS6.6AI score0.00047EPSS

Total number of security vulnerabilities85