VYPR

Ac8 Firmware

by Tenda

CVEs (7)

  • CVE-2026-4252CriMar 16, 2026
    risk 0.64cvss 9.8epss 0.01

    A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for authentication. It is possible to initiate the attack remotely. The exploit is…

  • CVE-2026-4253MedMar 16, 2026
    risk 0.31cvss 4.7epss 0.07

    A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route_set_user_policy_rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to…

  • CVE-2026-4254Mar 16, 2026
    risk 0.00cvss epss 0.01

    A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local_2c causes stack-based buffer overflow. The attack can…

  • CVE-2026-3044Feb 23, 2026
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. It is possible to initiate the…

  • CVE-2026-2203Feb 9, 2026
    risk 0.00cvss epss 0.01

    A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of…

  • CVE-2026-2202Feb 9, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was detected in Tenda AC8 16.03.33.05. Affected is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet of the component httpd. The manipulation of the argument shareSpeed results in buffer overflow. The attack may be launched remotely. The exploit…

  • CVE-2025-12618Nov 3, 2025
    risk 0.00cvss epss 0.05

    A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and…