Vulnerabilities > Tenda > Ac15 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-21 | CVE-2022-44167 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.18 Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer. | 7.5 |
| 2022-11-21 | CVE-2022-44168 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.18 Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic.. | 7.5 |
| 2022-11-21 | CVE-2022-44169 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.18 Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer. | 7.5 |
| 2022-10-18 | CVE-2022-43259 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.18/15.03.05.19 Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. | 7.5 |
| 2022-09-23 | CVE-2022-40851 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.19 Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. | 9.8 |
| 2022-08-19 | CVE-2022-37175 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.18 Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet. | 9.8 |
| 2022-05-04 | CVE-2022-28556 | Out-of-bounds Write vulnerability in Tenda Ac15 Firmware 15.03.05.20Multitde01 Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin is vulnerable to Buffer Overflow. | 7.5 |
| 2022-05-04 | CVE-2022-28557 | OS Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.20Multitde01 There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution | 9.8 |
| 2022-01-28 | CVE-2021-44971 | Incorrect Comparison vulnerability in Tenda Ac15 Firmware and AC5 Firmware Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. | 9.8 |
| 2020-07-23 | CVE-2020-15916 | OS Command Injection vulnerability in Tenda Ac15 Firmware 15.03.05.19 goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. | 9.8 |