Ac18 Firmware

ac18_firmware

Vendor: Tenda • 103 CVEs

CVEs (103)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-38312 1Tenda 1Ac18 Firmware Nov 21, 2024 Sep 7, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind.
CVE-2022-38311 1Tenda 1Ac18 Firmware Nov 21, 2024 Sep 7, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet.
CVE-2022-38310 1Tenda 1Ac18 Firmware Nov 21, 2024 Sep 7, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg.
CVE-2022-38309 1Tenda 1Ac18 Firmware Nov 21, 2024 Sep 7, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg.
CVE-2022-35201 1Tenda 1Ac18 Firmware Nov 21, 2024 Aug 19, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
CVE-2022-30477 1Tenda 1Ac18 Firmware Nov 21, 2024 May 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request.
CVE-2022-30476 1Tenda 1Ac18 Firmware Nov 21, 2024 May 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request.
CVE-2022-30475 1Tenda 1Ac18 Firmware Nov 21, 2024 May 26, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request.
CVE-2022-30474 1Tenda 1Ac18 Firmware Nov 21, 2024 May 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request.
CVE-2022-30473 1Tenda 1Ac18 Firmware Nov 21, 2024 May 26, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set
CVE-2022-30472 1Tenda 1Ac18 Firmware Nov 21, 2024 May 26, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat
CVE-2018-18732 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router'...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.Show less
CVE-2018-18731 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router'...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac' parameter for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.Show less
CVE-2018-18730 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router'...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and 'endIp' parameters for a post request, each value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.Show less
CVE-2018-18729 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow.Show less
CVE-2018-18728 1Tenda 3Ac15 Firmware Ac18 FirmwareAc9 Firmware Nov 21, 2024 Oct 29, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall f...Show more An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request.Show less
CVE-2018-18727 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router'...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceList' parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.Show less
CVE-2018-18709 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's w...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "firewallEn" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.Show less
CVE-2018-18708 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's w...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.Show less
CVE-2018-18707 1Tenda 5Ac10 Firmware Ac15 FirmwareAc18 Firmware+2 more Nov 21, 2024 Oct 29, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's w...Show more An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.Show less

Previous 1 2 3 456 Next