VYPR

Ac7 Firmware

by Tenda

CVEs (8)

  • CVE-2025-11523MedOct 9, 2025
    risk 0.41cvss 6.3epss 0.04

    A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be…

  • CVE-2026-4974Mar 27, 2026
    risk 0.00cvss epss 0.01

    A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to…

  • CVE-2025-11586Oct 10, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was determined in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/setNotUpgrade. This manipulation of the argument newVersion causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been…

  • CVE-2025-11528Oct 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was identified in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/saveAutoQos. The manipulation of the argument enable leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly…

  • CVE-2025-11527Oct 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fast_setting_pppoe_set. Executing a manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The…

  • CVE-2025-11526Oct 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC7 15.03.06.44. The affected element is an unknown function of the file /goform/WifiMacFilterSet. Performing a manipulation of the argument wifi_chkHz results in stack-based buffer overflow. The attack may be initiated remotely. The exploit…

  • CVE-2025-11525Oct 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is an unknown function of the file /goform/SetUpnpCfg. Such manipulation of the argument upnpEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the…

  • CVE-2025-11524Oct 9, 2025
    risk 0.00cvss epss 0.01

    A flaw has been found in Tenda AC7 15.03.06.44. This issue affects some unknown processing of the file /goform/SetDDNSCfg. This manipulation of the argument ddnsEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be…