Vulnerabilities > Tenda > AC6 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-11-20 CVE-2023-38823 Classic Buffer Overflow vulnerability in Tenda products
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2023-10-03 CVE-2023-40830 Classic Buffer Overflow vulnerability in Tenda AC6 Firmware 15.03.05.19
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2023-09-05 CVE-2021-40546 Improper Resource Shutdown or Release vulnerability in Tenda AC6 Firmware 02.03.01.26
Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.
network
low complexity
tenda CWE-404
4.9
4.9
2023-08-30 CVE-2023-40837 OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-08-30 CVE-2023-40838 OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-08-30 CVE-2023-40839 OS Command Injection vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2023-08-30 CVE-2023-40840 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40841 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40842 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-40843 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
network
low complexity
tenda CWE-787
critical
 9.8
9.8