Skip to main content

Ac15 Firmware

97 CVEs product

Monthly

CVE-2026-24103 CRITICAL POC Act Now

Buffer overflow in Tenda AC15V1.0 via formSetMacFilterCfg. PoC available.

Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-24105 CRITICAL POC Act Now

Tenda AC15 router has a code injection in formsetUsbUnload (EPSS 1.7%) enabling unauthenticated remote code execution.

Command Injection Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2026-24101 CRITICAL POC Act Now

Tenda AC15 router has a command injection in formSetIptv (EPSS 1.1%) enabling unauthenticated root-level code execution.

Command Injection Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2026-3400 HIGH POC This Week

Remote code execution in Tenda AC15 firmware versions up to 15.13.07.13 via a stack-based buffer overflow in the /goform/TextEditingConversion endpoint allows unauthenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating immediate risk for deployed devices. An attacker can exploit this remotely with minimal complexity by manipulating the wpapsk_crypto2_4g parameter.

Buffer Overflow Stack Overflow Ac15 Firmware
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-63666 CRITICAL POC Act Now

Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Authentication Bypass Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-10443 HIGH POC This Week

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac9 Firmware Ac15 Firmware
NVD GitHub VulDB
CVSS 4.0
7.4
EPSS
0.5%
CVE-2025-55564 HIGH POC This Week

Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-8979 MEDIUM POC This Week

A vulnerability was identified in Tenda AC15 15.13.07.13. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Tenda Information Disclosure Ac15 Firmware
NVD VulDB GitHub
CVSS 4.0
6.6
EPSS
0.2%
CVE-2025-5851 HIGH POC This Week

A critical buffer overflow vulnerability exists in Tenda AC15 firmware version 15.03.05.19_multi affecting the HTTP POST request handler for the /goform/AdvSetLanip endpoint. An authenticated remote attacker can exploit improper input validation of the lanMask parameter to achieve buffer overflow, leading to arbitrary code execution, information disclosure, and denial of service. Public exploit code is available and the vulnerability is actively disclosed, increasing real-world exploitation risk.

Buffer Overflow Ac15 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-5850 HIGH POC This Week

Critical buffer overflow vulnerability in Tenda AC15 firmware version 15.03.05.19_multi affecting the HTTP POST request handler's LED configuration function. An authenticated remote attacker can exploit improper input validation on the 'Time' parameter to achieve buffer overflow, leading to complete system compromise including confidentiality, integrity, and availability violations. Public exploit code has been disclosed and the vulnerability meets criteria for active exploitation risk.

Buffer Overflow Ac15 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-5849 HIGH POC This Week

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow Ac15 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-5848 HIGH POC This Week

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow RCE Ac15 Firmware Tenda
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2025-3786 HIGH POC This Week

A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.6%
CVE-2025-29462 CRITICAL POC Act Now

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-25634 MEDIUM POC This Month

A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-25632 CRITICAL POC THREAT Emergency

Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform/telnet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.8%.

Command Injection Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
10.8%
CVE-2025-0566 HIGH POC THREAT This Week

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

Tenda Buffer Overflow Ac15 Firmware
NVD VulDB
CVSS 4.0
8.7
EPSS
10.2%
CVE-2024-10662 HIGH POC This Week

A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.2%
CVE-2024-10661 HIGH POC This Week

A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
1.1%
CVE-2024-10280 HIGH This Week

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Tenda Denial Of Service Ac15 Firmware Ac7 Firmware +8
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.8%
CVE-2024-32303 HIGH This Week

Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.4%
CVE-2024-30840 MEDIUM This Month

A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of service via the LISTEN parameter in the fromDhcpListClient function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tenda Stack Overflow Denial Of Service Ac15 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-30645 HIGH This Week

Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the deviceName parameter. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
1.0%
CVE-2024-30613 MEDIUM This Month

Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the time parameter from the setSmartPowerManagement function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Tenda Memory Corruption Ac15 Firmware
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-2855 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2852 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2851 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
4.0%
CVE-2024-2850 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2817 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-2816 MEDIUM POC This Month

A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-2815 CRITICAL POC Act Now

A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2814 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2813 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2812 HIGH POC This Week

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
4.0%
CVE-2024-2811 CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-2810 CRITICAL POC Act Now

A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2809 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.9%
CVE-2024-2808 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-2807 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-2806 CRITICAL POC Act Now

A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-2805 HIGH POC This Week

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac15 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-39673 CRITICAL Act Now

Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-30378 CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-30376 CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-30375 CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-30373 CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-30372 CRITICAL Act Now

In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-30371 CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-30370 CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-30369 CRITICAL Act Now

Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-44156 HIGH POC This Week

Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-44169 HIGH POC This Week

Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-44168 HIGH POC This Week

Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic.. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-44167 HIGH POC This Week

Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-43259 HIGH POC This Week

Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-40851 CRITICAL POC Act Now

Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
9.5%
CVE-2022-40869 CRITICAL POC Act Now

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-40865 CRITICAL POC Act Now

Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-40864 CRITICAL POC Act Now

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-40862 CRITICAL POC Act Now

Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-40860 CRITICAL POC Act Now

Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-40853 CRITICAL POC Act Now

Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-38326 CRITICAL POC Act Now

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-38325 CRITICAL POC Act Now

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-37175 CRITICAL Act Now

Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow Ac15 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-28557 CRITICAL POC THREAT Act Now

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
22.0%
CVE-2022-28556 HIGH POC This Week

Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Memory Corruption Buffer Overflow Ac15 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-44971 CRITICAL Act Now

Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tenda Command Injection Ac15 Firmware Ac5 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-44352 CRITICAL POC THREAT Act Now

A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Tenda Ac15 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
13.4%
CVE-2020-15916 CRITICAL POC Act Now

goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2020-10989 MEDIUM POC This Month

An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tenda Ac15 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-10988 CRITICAL POC Act Now

A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Authentication Bypass Ac15 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2020-10987 CRITICAL POC KEV THREAT Act Now

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD
CVSS 3.1
9.8
EPSS
79.7%
CVE-2020-10986 MEDIUM POC This Month

A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service CSRF Ac15 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-13394 CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE Ac6 Firmware Ac9 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-13393 CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE Ac6 Firmware Ac9 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2020-13392 CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE Ac6 Firmware Ac9 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-13391 CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE Ac6 Firmware Ac9 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-13390 CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE Ac6 Firmware Ac9 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-13389 CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE Ac6 Firmware Ac9 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2018-18732 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-18731 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-18730 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-18729 CRITICAL POC Act Now

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware +3
NVD GitHub
CVSS 3.0
9.8
EPSS
1.3%
CVE-2018-18728 CRITICAL POC Act Now

An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda RCE Command Injection Ac9 Firmware Ac15 Firmware +1
NVD GitHub
CVSS 3.0
9.8
EPSS
3.0%
CVE-2018-18727 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-18709 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-18708 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%
CVE-2018-18707 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-18706 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Buffer overflow in Tenda AC15V1.0 via formSetMacFilterCfg. PoC available.

Buffer Overflow Ac15 Firmware
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 router has a code injection in formsetUsbUnload (EPSS 1.7%) enabling unauthenticated remote code execution.

Command Injection Ac15 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 router has a command injection in formSetIptv (EPSS 1.1%) enabling unauthenticated root-level code execution.

Command Injection Ac15 Firmware
NVD GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda AC15 firmware versions up to 15.13.07.13 via a stack-based buffer overflow in the /goform/TextEditingConversion endpoint allows unauthenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating immediate risk for deployed devices. An attacker can exploit this remotely with minimal complexity by manipulating the wpapsk_crypto2_4g parameter.

Buffer Overflow Stack Overflow Ac15 Firmware
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Authentication Bypass Ac15 Firmware
NVD GitHub
EPSS 0% CVSS 7.4
HIGH POC This Week

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac9 Firmware +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH POC This Week

Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 6.6
MEDIUM POC This Week

A vulnerability was identified in Tenda AC15 15.13.07.13. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Tenda Information Disclosure Ac15 Firmware
NVD VulDB GitHub
EPSS 0% CVSS 8.8
HIGH POC This Week

A critical buffer overflow vulnerability exists in Tenda AC15 firmware version 15.03.05.19_multi affecting the HTTP POST request handler for the /goform/AdvSetLanip endpoint. An authenticated remote attacker can exploit improper input validation of the lanMask parameter to achieve buffer overflow, leading to arbitrary code execution, information disclosure, and denial of service. Public exploit code is available and the vulnerability is actively disclosed, increasing real-world exploitation risk.

Buffer Overflow Ac15 Firmware Tenda
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Critical buffer overflow vulnerability in Tenda AC15 firmware version 15.03.05.19_multi affecting the HTTP POST request handler's LED configuration function. An authenticated remote attacker can exploit improper input validation on the 'Time' parameter to achieve buffer overflow, leading to complete system compromise including confidentiality, integrity, and availability violations. Public exploit code has been disclosed and the vulnerability meets criteria for active exploitation risk.

Buffer Overflow Ac15 Firmware Tenda
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow Ac15 Firmware Tenda
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A buffer overflow vulnerability in A vulnerability (CVSS 8.8). Risk factors: public PoC available.

Buffer Overflow RCE Ac15 Firmware +1
NVD VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Stack Overflow +1
NVD GitHub
EPSS 11% CVSS 9.8
CRITICAL POC THREAT Emergency

Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform/telnet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.8%.

Command Injection Tenda Ac15 Firmware
NVD GitHub
EPSS 10% CVSS 8.7
HIGH POC THREAT This Week

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

Tenda Buffer Overflow Ac15 Firmware
NVD VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 8.7
HIGH POC This Week

A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 7.1
HIGH This Week

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Tenda Denial Of Service +10
NVD GitHub VulDB
EPSS 0% CVSS 8.0
HIGH This Week

Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of service via the LISTEN parameter in the fromDhcpListClient function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tenda Stack Overflow +2
NVD GitHub
EPSS 1% CVSS 8.0
HIGH This Week

Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the deviceName parameter. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM This Month

Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the time parameter from the setSmartPowerManagement function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Tenda Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 4% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF Ac15 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF Ac15 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 4% CVSS 8.8
HIGH POC This Week

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 2% CVSS 8.8
HIGH POC This Week

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow +1
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tenda Ac15 Firmware
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tenda +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic.. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD
EPSS 9% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +2
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac15 Firmware +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Tenda Buffer Overflow +1
NVD
EPSS 22% CVSS 9.8
CRITICAL POC THREAT Act Now

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Memory Corruption Buffer Overflow +1
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL Act Now

Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tenda Command Injection +2
NVD GitHub VulDB
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Tenda +1
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tenda Ac15 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Authentication Bypass Ac15 Firmware
NVD
EPSS 80% CVSS 9.8
CRITICAL POC KEV THREAT Act Now

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac15 Firmware
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Denial Of Service CSRF +1
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE +4
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE +4
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE +4
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE +4
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE +4
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda RCE +4
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda +5
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda RCE Command Injection +3
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac7 Firmware +4
NVD GitHub
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy