Vulnerabilities > Tenda > AC7 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-07 | CVE-2023-38933 | Out-of-bounds Write vulnerability in Tenda products Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | 9.8 |
| 2023-08-07 | CVE-2023-38936 | Out-of-bounds Write vulnerability in Tenda products Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | 9.8 |
| 2023-08-07 | CVE-2023-38937 | Out-of-bounds Write vulnerability in Tenda products Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. | 9.8 |
| 2023-07-14 | CVE-2023-37714 | Out-of-bounds Write vulnerability in Tenda products Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromRouteStatic. | 9.8 |
| 2023-07-14 | CVE-2023-37716 | Out-of-bounds Write vulnerability in Tenda products Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting. | 9.8 |
| 2023-07-14 | CVE-2023-37717 | Out-of-bounds Write vulnerability in Tenda products Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient. | 9.8 |
| 2019-04-25 | CVE-2018-14559 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 7.5 |
| 2019-04-25 | CVE-2018-14557 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 7.5 |
| 2018-10-30 | CVE-2018-14558 | OS Command Injection vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 9.8 |
| 2018-10-29 | CVE-2018-18732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda products An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. | 7.5 |