Vulnerabilities > Tenda > AC6 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2021-40546 | Improper Resource Shutdown or Release vulnerability in Tenda AC6 Firmware 02.03.01.26 Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi. | 4.9 |
| 2023-06-26 | CVE-2022-40010 | Cross-site Scripting vulnerability in Tenda AC6 Firmware 15.03.06.50Multi Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module. | 5.4 |
| 2022-12-02 | CVE-2022-45673 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda AC6 Firmware 15.03.05.19 Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | 6.5 |
| 2022-12-02 | CVE-2022-45674 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda AC6 Firmware 15.03.05.19 Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |