Vulnerabilities > Tenda > AC9 Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-38937 Out-of-bounds Write vulnerability in Tenda products
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-07-14 CVE-2023-37716 Out-of-bounds Write vulnerability in Tenda products
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2023-07-14 CVE-2023-37717 Out-of-bounds Write vulnerability in Tenda products
Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-08-31 CVE-2022-36568 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.19
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList.
network
low complexity
tenda CWE-787
8.8
8.8
2022-08-31 CVE-2022-36569 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.19
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.
network
low complexity
tenda CWE-787
8.8
8.8
2022-08-31 CVE-2022-36570 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.19
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.
network
low complexity
tenda CWE-787
7.2
7.2
2022-08-31 CVE-2022-36571 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.19
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
network
low complexity
tenda CWE-787
7.2
7.2
2022-08-16 CVE-2022-36273 OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-05-24 CVE-2021-42659 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda AC9 Firmware 15.03.05.19(6318)/15.03.06.42Multi
There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi.
low complexity
tenda CWE-119
6.5
6.5
2022-05-03 CVE-2022-28560 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21Cn
There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router.
network
low complexity
tenda CWE-787
critical
 9.8
9.8