Vulnerabilities > Tenda > AC9 Firmware > 15.03.06.42.multi

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-24543 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.06.42Multi
Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41559 Out-of-bounds Write vulnerability in Tenda AC5 Firmware, AC7 Firmware and AC9 Firmware
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter page at url /goform/NatStaticSetting.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41560 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.06.42Multi
Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41561 Out-of-bounds Write vulnerability in Tenda AC5 Firmware and AC9 Firmware
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter startIp and endIp at url /goform/SetPptpServerCfg.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41562 Out-of-bounds Write vulnerability in Tenda AC5 Firmware, AC7 Firmware and AC9 Firmware
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter time at url /goform/PowerSaveSet.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-30 CVE-2023-41563 Out-of-bounds Write vulnerability in Tenda AC5 Firmware and AC9 Firmware
Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at url /goform/GetParentControlInfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38930 Out-of-bounds Write vulnerability in Tenda products
Tenda AC7 V1.0,V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0,V15.03.06.28, AC9 V3.0,V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38933 Out-of-bounds Write vulnerability in Tenda products
Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38935 Out-of-bounds Write vulnerability in Tenda products
Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-08-07 CVE-2023-38936 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8