Ac9 Security Vulnerabilities and Issues — Ac9 CVE List

Lucene search

TendaAc9

19 matches found

CVE•added 2025/06/08 2:15 p.m.•64 views

CVE-2025-5847

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buff...

9CVSS8.9AI score0.00108EPSS

CVE•added 2025/06/07 6:15 p.m.•60 views

CVE-2025-5839

A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may...

9CVSS8.9AI score0.00092EPSS

CVE•added 2023/08/30 1:15 p.m.•43 views

CVE-2023-41552

Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/07/14 12:15 a.m.•41 views

CVE-2023-37717

Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•41 views

CVE-2023-41553

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/07/14 12:15 a.m.•40 views

CVE-2023-37716

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2024/08/16 4:15 p.m.•40 views

CVE-2024-42634

A Command Injection vulnerability exists in formWriteFacMac of the httpd binary in Tenda AC9 v15.03.06.42. As a result, attacker can execute OS commands with root privileges.

9.8CVSS7.7AI score0.05405EPSS

CVE•added 2023/08/07 7:15 p.m.•39 views

CVE-2023-38930

Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.

9.8CVSS9.6AI score0.00121EPSS

CVE•added 2023/08/07 7:15 p.m.•39 views

CVE-2023-38936

Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.

9.8CVSS9.6AI score0.00334EPSS

CVE•added 2023/08/07 7:15 p.m.•39 views

CVE-2023-38937

Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function.

9.8CVSS9.6AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•39 views

CVE-2023-41560

Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.

9.8CVSS9.6AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•37 views

CVE-2023-41562

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/07 7:15 p.m.•36 views

CVE-2023-38933

Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.

9.8CVSS9.6AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•36 views

CVE-2023-41563

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•35 views

CVE-2023-41561

Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•34 views

CVE-2023-41556

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•31 views

CVE-2023-41559

Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting.

9.8CVSS9.7AI score0.00121EPSS

CVE•added 2023/08/30 1:15 p.m.•30 views

CVE-2023-41554

Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.

9.8CVSS9.6AI score0.00121EPSS

CVE•added 2023/08/07 7:15 p.m.•29 views

CVE-2023-38935

Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function.

9.8CVSS9.6AI score0.00098EPSS