Ac18 Firmware Security Vulnerabilities and Issues — Ac18 Firmware CVE List

Lucene search

TendaAc18 Firmware

13 matches found

CVE•added 2025/01/16 9:15 p.m.•62 views

CVE-2024-57579

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function.

9.8CVSS7.9AI score0.001EPSS

CVE•added 2025/01/16 9:15 p.m.•60 views

CVE-2024-57581

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.

9.8CVSS7.9AI score0.00124EPSS

CVE•added 2025/01/16 9:15 p.m.•58 views

CVE-2024-57582

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function.

9.8CVSS7.9AI score0.00124EPSS

CVE•added 2025/01/16 9:15 p.m.•56 views

CVE-2024-57580

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.

9.8CVSS8.1AI score0.0004EPSS

CVE•added 2025/01/16 9:15 p.m.•43 views

CVE-2024-57578

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function.

8.8CVSS8.1AI score0.00054EPSS

CVE•added 2025/06/04 8:15 p.m.•43 views

CVE-2025-5607

A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been dis...

9CVSS7.2AI score0.00092EPSS

CVE•added 2025/06/04 8:15 p.m.•42 views

CVE-2025-5609

A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be launched remotely. The exploit has been di...

9CVSS8.9AI score0.00092EPSS

CVE•added 2025/01/17 3:15 p.m.•40 views

CVE-2025-0528

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The attack may be launched r...

8.6CVSS7.7AI score0.01073EPSS

CVE•added 2025/06/04 7:15 p.m.•40 views

CVE-2025-5606

A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetIptv of the file /goform/SetIPTVCfg. The manipulation of the argument list leads to command injection. The attack can be initiated remotely. The exploit has been dis...

9.8CVSS6.9AI score0.01235EPSS

CVE•added 2025/06/04 8:15 p.m.•40 views

CVE-2025-5608

A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formsetreboottimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has b...

9CVSS7.2AI score0.00092EPSS

CVE•added 2025/01/16 9:15 p.m.•36 views

CVE-2024-57577

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.

5.7CVSS7.9AI score0.00051EPSS

CVE•added 2025/01/16 9:15 p.m.•34 views

CVE-2024-57583

Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function.

9.8CVSS8AI score0.01347EPSS

CVE•added 2025/01/16 9:15 p.m.•32 views

CVE-2024-57575

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

9.8CVSS7.6AI score0.00139EPSS