Vulnerabilities > Tenda > AC5 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-38935 Out-of-bounds Write vulnerability in Tenda products
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38936 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38937 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-07-14 CVE-2023-37716 Out-of-bounds Write vulnerability in Tenda products
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-07-14 CVE-2023-37717 Out-of-bounds Write vulnerability in Tenda products
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-05-16 CVE-2023-31587 Unspecified vulnerability in Tenda AC5 Firmware 15.03.06.28
Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
network
low complexity
tenda
critical
 9.8
9.8
2023-04-24 CVE-2023-30368 Out-of-bounds Write vulnerability in Tenda AC5 Firmware 15.03.06.28
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-07 CVE-2023-25210 Out-of-bounds Write vulnerability in Tenda AC5 Firmware 15.03.06.28
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-07 CVE-2023-25211 Out-of-bounds Write vulnerability in Tenda AC5 Firmware 15.03.06.28
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-04-07 CVE-2023-25212 Out-of-bounds Write vulnerability in Tenda AC5 Firmware 15.03.06.28
Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8