Vulnerabilities > Tenda > AC9 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-03-18 CVE-2022-25437 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25438 OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-03-18 CVE-2022-25439 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25440 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25441 OS Command Injection vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function.
network
low complexity
tenda CWE-78
critical
 9.8
9.8
2022-02-24 CVE-2022-25414 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-02-24 CVE-2022-25417 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-02-24 CVE-2022-25418 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-02-11 CVE-2020-26728 Unspecified vulnerability in Tenda AC9 Firmware 15.03.05.19(6318)Cn/15.03.06.42Multi
A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.
network
low complexity
tenda
critical
 9.8
9.8
2019-04-25 CVE-2018-14559 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10).
network
low complexity
tenda CWE-119
7.5
7.5