Vulnerabilities > Tenda > AC9 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2024-24543 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.06.42Multi Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. | 9.8 |
| 2023-11-20 | CVE-2023-38823 | Classic Buffer Overflow vulnerability in Tenda products Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | 9.8 |
| 2023-08-30 | CVE-2023-41552 | Out-of-bounds Write vulnerability in Tenda AC7 Firmware and AC9 Firmware Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url /goform/fast_setting_wifi_set. | 9.8 |
| 2023-08-30 | CVE-2023-41553 | Out-of-bounds Write vulnerability in Tenda AC5 Firmware and AC9 Firmware Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetStaticRouteCfg. | 9.8 |
| 2023-08-30 | CVE-2023-41554 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 5.03.06.42Multi Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet. | 9.8 |
| 2023-08-30 | CVE-2023-41556 | Out-of-bounds Write vulnerability in Tenda AC5 Firmware, AC7 Firmware and AC9 Firmware Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind. | 9.8 |
| 2023-08-30 | CVE-2023-41559 | Out-of-bounds Write vulnerability in Tenda AC5 Firmware, AC7 Firmware and AC9 Firmware Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting. | 9.8 |
| 2023-08-30 | CVE-2023-41560 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.06.42Multi Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg. | 9.8 |
| 2023-08-30 | CVE-2023-41561 | Out-of-bounds Write vulnerability in Tenda AC5 Firmware and AC9 Firmware Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg. | 9.8 |
| 2023-08-30 | CVE-2023-41562 | Out-of-bounds Write vulnerability in Tenda AC5 Firmware, AC7 Firmware and AC9 Firmware Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet. | 9.8 |