Ac6 Firmware@15.03.05.16 Security Vulnerabilities and Issues — Ac6 Firmware@15.03.05.16 CVE List

Lucene search

TendaAc6 Firmware15.03.05.16

26 matches found

CVE•added 2023/08/30 5:15 p.m.•134 views

CVE-2023-40838

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.

9.8CVSS9.5AI score0.00153EPSS

CVE•added 2023/08/30 5:15 p.m.•125 views

CVE-2023-40837

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute commands.

9.8CVSS9.6AI score0.00114EPSS

CVE•added 2023/08/18 3:15 a.m.•118 views

CVE-2023-39670

Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/28 2:15 p.m.•111 views

CVE-2023-40846

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.

9.8CVSS9.4AI score0.00121EPSS

CVE•added 2025/01/09 11:15 a.m.•101 views

CVE-2025-0349

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The ex...

9.8CVSS9AI score0.00431EPSS

CVE•added 2025/02/12 7:15 p.m.•77 views

CVE-2025-25343

Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function.

9.8CVSS7.2AI score0.00086EPSS

CVE•added 2025/06/09 1:15 a.m.•62 views

CVE-2025-5852

A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclo...

9CVSS9AI score0.00092EPSS

CVE•added 2025/03/02 11:15 a.m.•53 views

CVE-2025-1814

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be launched remotely...

9.8CVSS7.1AI score0.00034EPSS

CVE•added 2025/03/20 5:15 p.m.•49 views

CVE-2025-29121

A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.

7.5CVSS7.1AI score0.00086EPSS

CVE•added 2025/03/14 2:15 p.m.•46 views

CVE-2025-29030

Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.

9.8CVSS7.9AI score0.00082EPSS

CVE•added 2025/03/14 2:15 p.m.•45 views

CVE-2025-29029

Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.

9.8CVSS7.9AI score0.00082EPSS

CVE•added 2025/03/14 2:15 p.m.•44 views

CVE-2025-29031

Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.

9.8CVSS7.9AI score0.00082EPSS

CVE•added 2025/06/09 1:15 a.m.•41 views

CVE-2025-5853

A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. Th...

9CVSS8.9AI score0.00148EPSS

CVE•added 2025/06/09 1:15 a.m.•41 views

CVE-2025-5854

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be launched remotely. The exploit has...

9CVSS8.8AI score0.00092EPSS

CVE•added 2025/06/09 2:15 a.m.•40 views

CVE-2025-5855

A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T...

9.8CVSS8.9AI score0.00138EPSS

CVE•added 2023/08/30 5:15 p.m.•39 views

CVE-2023-40839

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands.

9.8CVSS9.6AI score0.00114EPSS

CVE•added 2023/08/30 5:15 p.m.•35 views

CVE-2023-40840

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."

9.8CVSS9.3AI score0.00121EPSS

CVE•added 2023/08/30 5:15 p.m.•35 views

CVE-2023-40845

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.

9.8CVSS9.4AI score0.00121EPSS

CVE•added 2023/08/30 5:15 p.m.•34 views

CVE-2023-40842

Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."

9.8CVSS9.3AI score0.00121EPSS

CVE•added 2025/06/02 3:15 p.m.•34 views

CVE-2025-44172

Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.

6.5CVSS7.9AI score0.0005EPSS

CVE•added 2023/08/30 5:15 p.m.•33 views

CVE-2023-40841

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"

9.8CVSS9.3AI score0.00121EPSS

CVE•added 2025/06/12 4:15 p.m.•31 views

CVE-2025-46035

Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint

7.5CVSS7.3AI score0.0005EPSS

CVE•added 2023/08/30 5:15 p.m.•30 views

CVE-2023-40843

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."

9.8CVSS9.3AI score0.00121EPSS

CVE•added 2023/08/30 5:15 p.m.•29 views

CVE-2023-40848

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."

9.8CVSS9.3AI score0.00121EPSS

CVE•added 2023/08/30 5:15 p.m.•28 views

CVE-2023-40844

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'

9.8CVSS9.3AI score0.00121EPSS

CVE•added 2023/08/30 5:15 p.m.•28 views

CVE-2023-40847

Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.

9.8CVSS9.3AI score0.00121EPSS