Vulnerabilities > Tendacn > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-29 | CVE-2021-31624 | Classic Buffer Overflow vulnerability in Tendacn AC9 Firmware Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter. | 8.8 |
| 2021-10-29 | CVE-2021-31627 | Classic Buffer Overflow vulnerability in Tendacn AC9 Firmware Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter. | 8.8 |
| 2021-09-30 | CVE-2020-20746 | Out-of-bounds Write vulnerability in Tendacn AC9 Firmware 15.03.06.60En A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. | 7.2 |
| 2020-12-28 | CVE-2020-28094 | Unspecified vulnerability in Tendacn Ac1200 Firmware 15.03.06.51 On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning. | 7.5 |
| 2020-12-28 | CVE-2020-28093 | Unspecified vulnerability in Tendacn Ac1200 Firmware 15.03.06.51 On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234. | 7.2 |
| 2020-06-25 | CVE-2019-19506 | Infinite Loop vulnerability in Tendacn PA6 Firmware 1.0.1.21 Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. | 7.5 |
| 2020-06-25 | CVE-2019-19505 | Out-of-bounds Write vulnerability in Tendacn PA6 Firmware 1.0.1.21 Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the "Wireless" section in the web-UI. | 8.8 |
| 2020-06-25 | CVE-2019-16213 | OS Command Injection vulnerability in Tendacn PA6 Firmware 1.0.1.21 Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2019-11-21 | CVE-2019-5072 | OS Command Injection vulnerability in Tendacn Ac9V1.0 Firmware 15.03.05.14En/15.03.05.16Multitru An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). | 7.8 |
| 2019-11-21 | CVE-2019-5071 | OS Command Injection vulnerability in Tendacn Ac9V1.0 Firmware 15.03.05.14En/15.03.05.16Multitru An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route (AC9V1.0 Firmware V15.03.05.16multiTRU). | 7.8 |