Skip to main content

Ac15 Firmware

97 CVEs product

Monthly

CVE-2018-16333 HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac18 Firmware Ac15 Firmware Ac10 Firmware +2
NVD GitHub
CVSS 3.0
7.5
EPSS
1.6%
CVE-2018-14492 HIGH POC This Week

Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac7 Firmware Ac9 Firmware +3
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-5768 CRITICAL Act Now

A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Tenda Ac15 Firmware
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2018-5770 CRITICAL POC Act Now

An issue was discovered on Tenda AC15 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tenda Ac15 Firmware
NVD
CVSS 3.0
9.8
EPSS
2.8%
CVE-2018-5767 CRITICAL POC THREAT Act Now

An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Tenda Ac15 Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
48.0%
CVE-2017-16936 MEDIUM POC This Month

Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Tenda Ac9 Firmware Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.0
6.5
EPSS
0.8%
CVE-2017-16923 HIGH POC This Week

Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac9 Firmware Ac15 Firmware Ac18 Firmware
NVD GitHub
CVSS 3.0
8.8
EPSS
3.5%
EPSS 2% CVSS 7.5
HIGH POC This Week

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Ac18 Firmware +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda +5
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL Act Now

A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Tenda +1
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered on Tenda AC15 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tenda Ac15 Firmware
NVD
EPSS 48% CVSS 9.8
CRITICAL POC THREAT Act Now

An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Tenda Ac15 Firmware
NVD Exploit-DB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Tenda Ac9 Firmware +2
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC This Week

Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Ac9 Firmware +2
NVD GitHub
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy