Ac15 Firmware Security Vulnerabilities and Issues — Page 2 of Ac15 Firmware CVE List

Lucene search

TendaAc15 Firmware

70 matches found

CVE•added 2024/11/01 4:15 p.m.•43 views

CVE-2024-10661

A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit h...

9CVSS8.9AI score0.00507EPSS

CVE•added 2017/11/24 7:29 a.m.•42 views

CVE-2017-16936

Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15...

6.5CVSS6.5AI score0.00849EPSS

CVE•added 2023/04/24 2:15 p.m.•42 views

CVE-2023-30369

Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.

9.8CVSS9.4AI score0.00121EPSS

CVE•added 2023/08/18 3:15 a.m.•42 views

CVE-2023-39673

Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34().

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2018/10/29 12:29 p.m.•41 views

CVE-2018-18706

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromD...

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2024/04/17 4:15 p.m.•41 views

CVE-2024-32303

Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.

8CVSS7.4AI score0.00097EPSS

CVE•added 2020/07/13 7:15 p.m.•40 views

CVE-2020-10989

An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter.

6.1CVSS6.2AI score0.00317EPSS

CVE•added 2024/11/01 4:15 p.m.•40 views

CVE-2024-10662

A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit ha...

9CVSS8.9AI score0.0052EPSS

CVE•added 2025/03/05 9:15 p.m.•40 views

CVE-2025-25634

A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src leads to stack-based buffer overflow.

6.5CVSS7.4AI score0.00053EPSS

CVE•added 2020/07/13 7:15 p.m.•39 views

CVE-2020-10988

A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.

10CVSS9.3AI score0.06405EPSS

CVE•added 2025/06/08 10:15 p.m.•39 views

CVE-2025-5848

A vulnerability was found in Tenda AC15 15.03.05.19_multi and classified as critical. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. The manipulation of the argument list leads to buffer overflow. The attack...

9CVSS8.9AI score0.00092EPSS

CVE•added 2018/10/29 12:29 p.m.•38 views

CVE-2018-18707

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2018/10/29 12:29 p.m.•38 views

CVE-2018-18730

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and 'endIp' parameters fo...

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2024/09/10 4:15 p.m.•38 views

CVE-2023-36103

Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request.

9.8CVSS7.8AI score0.09286EPSS

CVE•added 2018/10/29 12:29 p.m.•37 views

CVE-2018-18727

7.8CVSS7.7AI score0.00314EPSS

CVE•added 2025/06/08 11:15 p.m.•37 views

CVE-2025-5850

A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack ca...

9CVSS7.3AI score0.00126EPSS

CVE•added 2022/09/23 3:15 p.m.•36 views

CVE-2022-40851

Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.

9.8CVSS9.6AI score0.0991EPSS

CVE•added 2023/04/24 3:15 p.m.•35 views

CVE-2023-30378

In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2018/10/29 12:29 p.m.•34 views

CVE-2018-18708

7.8CVSS7.7AI score0.00334EPSS

CVE•added 2025/06/08 11:15 p.m.•34 views

CVE-2025-5849

A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer overflo...

9CVSS8.9AI score0.00108EPSS

Total number of security vulnerabilities70