Vulnerabilities > Tenda > AC9 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-18 | CVE-2022-25441 | OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21 Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function. | 9.8 |
| 2022-02-24 | CVE-2022-25414 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR. | 9.8 |
| 2022-02-24 | CVE-2022-25417 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo. | 9.8 |
| 2022-02-24 | CVE-2022-25418 | Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi. | 9.8 |
| 2022-02-11 | CVE-2020-26728 | Unspecified vulnerability in Tenda AC9 Firmware 15.03.05.19(6318)Cn/15.03.06.42Multi A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request. | 9.8 |
| 2019-04-25 | CVE-2018-14559 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 7.5 |
| 2019-04-25 | CVE-2018-14557 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 7.5 |
| 2018-10-30 | CVE-2018-14558 | OS Command Injection vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). | 9.8 |
| 2018-10-29 | CVE-2018-18732 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda products An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. | 7.5 |
| 2018-10-29 | CVE-2018-18731 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda products An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. | 7.5 |