Vulnerabilities > Tenda > AC9 Firmware

DATE CVE VULNERABILITY TITLE RISK
2025-03-14 CVE-2025-29384 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29385 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29386 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29387 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
high complexity
tenda CWE-787
7.1
7.1
2024-10-23 CVE-2024-10280 NULL Pointer Dereference vulnerability in Tenda products
A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022.
network
low complexity
tenda CWE-476
7.5
7.5
2024-02-05 CVE-2024-24543 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.06.42Multi
Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-11-20 CVE-2023-38823 Classic Buffer Overflow vulnerability in Tenda products
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
network
low complexity
tenda CWE-120
critical
 9.8
9.8
2023-08-30 CVE-2023-41552 Out-of-bounds Write vulnerability in Tenda AC7 Firmware and AC9 Firmware
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41553 Out-of-bounds Write vulnerability in Tenda AC5 Firmware and AC9 Firmware
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41554 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 5.03.06.42Multi
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8