Ac9 Firmware

ac9_firmware

Vendor: Tenda • 92 CVEs

CVEs (92)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-26278 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 28, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
CVE-2022-25441 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function.
CVE-2022-25440 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
CVE-2022-25439 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
CVE-2022-25438 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function.
CVE-2022-25437 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
CVE-2022-25435 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.
CVE-2022-25434 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.
CVE-2022-25433 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.
CVE-2022-25431 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
CVE-2022-25429 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.
CVE-2022-25428 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.
CVE-2022-25427 1Tenda 1Ac9 Firmware Nov 21, 2024 Mar 18, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
CVE-2022-25418 1Tenda 1Ac9 Firmware Nov 21, 2024 Feb 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi.
CVE-2022-25417 1Tenda 1Ac9 Firmware Nov 21, 2024 Feb 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo.
CVE-2022-25414 1Tenda 1Ac9 Firmware Nov 21, 2024 Feb 24, 2022 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR.
CVE-2020-26728 1Tenda 1Ac9 Firmware Nov 21, 2024 Feb 11, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall functi...Show more A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.Show less
CVE-2018-14559 1Tenda 3Ac10 Firmware Ac7 FirmwareAc9 Firmware Nov 21, 2024 Apr 25, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffe...Show more An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the list parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow.Show less
CVE-2018-14557 1Tenda 3Ac10 Firmware Ac7 FirmwareAc9 Firmware Nov 21, 2024 Apr 25, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffe...Show more An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A buffer overflow vulnerability exists in the router's web server (httpd). When processing the page parameters for a post request, the value is directly written with sprintf to a local variable placed on the stack, which overrides the return address of the function, a causing buffer overflow.Show less
CVE-2018-14558 1Tenda 3Ac10 Firmware Ac7 FirmwareAc9 Firmware Nov 7, 2025 Oct 30, 2018 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A comma...Show more An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input.Show less

Previous 1 2 345 Next