Vulnerabilities > Tenda > Ac15 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-22 | CVE-2024-2816 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac15 Firmware 15.03.05.18 A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. | 6.5 |
| 2024-03-22 | CVE-2024-2817 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac15 Firmware 15.03.05.18 A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. | 6.5 |
| 2020-07-13 | CVE-2020-10989 | Cross-site Scripting vulnerability in Tenda Ac15 Firmware 15.03.05.19 An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter. | 6.1 |
| 2020-07-13 | CVE-2020-10986 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac15 Firmware 15.03.05.19 A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page. | 6.5 |
| 2017-11-24 | CVE-2017-16936 | Path Traversal vulnerability in Tenda Ac15 Firmware, Ac18 Firmware and AC9 Firmware Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to read arbitrary files via a cgi-bin/luci/request?op=1&path= URI that uses directory traversal sequences after a /usb/ substring. | 6.5 |