VYPR

Ac21 Firmware

by Tenda

CVEs (8)

  • CVE-2026-4565HigMar 23, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and…

  • CVE-2026-1638MedJan 30, 2026
    risk 0.41cvss 6.3epss 0.02

    A security flaw has been discovered in Tenda AC21 1.1.1.1/1.dmzip/16.03.08.16. The impacted element is the function mDMZSetCfg of the file /goform/mDMZSetCfg. The manipulation of the argument dmzIp results in command injection. The attack can be executed remotely. The exploit…

  • CVE-2026-2148Feb 8, 2026
    risk 0.00cvss epss 0.01

    A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely.…

  • CVE-2026-2147Feb 8, 2026
    risk 0.00cvss epss 0.01

    A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The…

  • CVE-2026-1637Jan 29, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly…

  • CVE-2025-13446Nov 20, 2025
    risk 0.00cvss epss 0.03

    A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The…

  • CVE-2025-13445Nov 20, 2025
    risk 0.00cvss epss 0.03

    A flaw has been found in Tenda AC21 16.03.08.16. This affects an unknown part of the file /goform/SetIpMacBind. Executing a manipulation of the argument list can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be…

  • CVE-2025-12611Nov 3, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was identified in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to buffer overflow. Remote exploitation of the attack is possible. The exploit…