Vulnerabilities > Tenda > AC6 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2024-52714 | Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.06.50Multi Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime. | 9.8 |
| 2024-11-02 | CVE-2024-10698 | Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.19 A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. | 9.8 |
| 2024-11-02 | CVE-2024-10697 | Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.19 A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. | 9.8 |
| 2024-10-23 | CVE-2024-10280 | NULL Pointer Dereference vulnerability in Tenda products A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. | 7.5 |
| 2023-11-20 | CVE-2023-38823 | Classic Buffer Overflow vulnerability in Tenda products Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | 9.8 |
| 2023-10-03 | CVE-2023-40830 | Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.19 Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | 9.8 |
| 2023-09-05 | CVE-2021-40546 | Improper Resource Shutdown or Release vulnerability in Tenda AC6 Firmware 02.03.01.26 Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. | 4.9 |
| 2023-08-30 | CVE-2023-40837 | OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. | 9.8 |
| 2023-08-30 | CVE-2023-40838 | OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability. | 9.8 |
| 2023-08-30 | CVE-2023-40839 | OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16 Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. | 9.8 |