Vulnerabilities > Tenda > Ac15 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-03-22 CVE-2024-2816 Unspecified vulnerability in Tenda Ac15 Firmware 15.03.05.18
A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18.
network
low complexity
tenda
6.5
2024-03-22 CVE-2024-2817 Unspecified vulnerability in Tenda Ac15 Firmware 15.03.05.18
A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18.
network
low complexity
tenda
6.5
2020-07-13 CVE-2020-10989 Cross-site Scripting vulnerability in Tenda Ac15 Firmware 15.03.05.19
An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter.
network
low complexity
tenda CWE-79
6.1
2020-07-13 CVE-2020-10986 Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac15 Firmware 15.03.05.19
A CSRF issue in the /goform/SysToolReboot endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to reboot the device and cause denial of service via a payload hosted by an attacker-controlled web page.
network
low complexity
tenda CWE-352
6.5
2017-11-24 CVE-2017-16936 Path Traversal vulnerability in Tenda Ac15 Firmware, Ac18 Firmware and AC9 Firmware
Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to read arbitrary files via a cgi-bin/luci/request?op=1&path= URI that uses directory traversal sequences after a /usb/ substring.
low complexity
tenda CWE-22
6.5