Ac7 Firmware Security Vulnerabilities and Issues — Ac7 Firmware CVE List

Lucene search

TendaAc7 Firmware

9 matches found

CVE•added 2025/03/02 5:15 p.m.•83 views

CVE-2025-1819

A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. The manipulation of the argument lan_ip leads to os command injection. It is possible to launch the attack remotely. The exploit has been dis...

9.8CVSS6.9AI score0.00435EPSS

CVE•added 2025/03/19 4:15 p.m.•50 views

CVE-2025-29137

Tenda AC7 V1.0 V15.03.06.44 found a buffer overflow caused by the timeZone parameter in the form_fast_setting_wifi_set function, which can cause RCE.

9.8CVSS7.1AI score0.00088EPSS

CVE•added 2025/03/03 5:15 a.m.•48 views

CVE-2025-1851

A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack remot...

9CVSS7.2AI score0.00159EPSS

CVE•added 2025/03/24 9:15 p.m.•47 views

CVE-2025-29135

A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function.

9.8CVSS8.8AI score0.00546EPSS

CVE•added 2025/04/07 10:15 a.m.•43 views

CVE-2025-3346

A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. Affected by this issue is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument pptp_server_start_ip/pptp_server_end_ip leads to buffer overflow. The attack may be laun...

9CVSS7.1AI score0.0015EPSS

CVE•added 2025/06/09 5:15 a.m.•41 views

CVE-2025-5862

A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclose...

9.8CVSS8.9AI score0.00096EPSS

CVE•added 2025/06/09 5:15 a.m.•40 views

CVE-2025-5861

A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be initiated remotely. The exploit has been ...

9.8CVSS8.9AI score0.00115EPSS

CVE•added 2025/05/16 8:15 p.m.•30 views

CVE-2025-4809

A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function fromSafeSetMacFilter of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to launch the attack remotely. ...

9CVSS7.2AI score0.00106EPSS

CVE•added 2025/05/16 9:15 p.m.•26 views

CVE-2025-4810

A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-based buffer overflow. The attack can be launched r...

9CVSS8.9AI score0.00106EPSS