Vulnerabilities > Tenda > AC9 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-18 CVE-2022-25433 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25431 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25429 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25428 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-03-18 CVE-2022-25427 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.2.21
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-02-24 CVE-2022-25418 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-02-24 CVE-2022-25417 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-02-24 CVE-2022-25414 Out-of-bounds Write vulnerability in Tenda AC9 Firmware V15.03.2.21Cn
Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the parameter NPTR.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2022-02-11 CVE-2020-26728 Unspecified vulnerability in Tenda AC9 Firmware 15.03.05.19(6318)Cn/15.03.06.42Multi
A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.
network
low complexity
tenda
critical
 9.8
9.8
2018-10-30 CVE-2018-14558 OS Command Injection vulnerability in Tenda Ac10 Firmware, AC7 Firmware and AC9 Firmware
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10).
network
low complexity
tenda CWE-78
critical
 9.8
9.8