AC6
by Tenda
CVEs (128)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-25450 | Cri | 0.65 | 9.8 | 0.12 | Mar 18, 2022 | Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function. | ||
| CVE-2025-52221 | Cri | 0.64 | 9.8 | 0.00 | Apr 8, 2026 | Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters. | ||
| CVE-2025-29031 | Cri | 0.64 | 9.8 | 0.00 | Mar 14, 2025 | Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. | ||
| CVE-2025-29030 | Cri | 0.64 | 9.8 | 0.00 | Mar 14, 2025 | Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | ||
| CVE-2025-29029 | Cri | 0.64 | 9.8 | 0.00 | Mar 14, 2025 | Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function. | ||
| CVE-2025-25343 | Cri | 0.64 | 9.8 | 0.01 | Feb 12, 2025 | Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. | ||
| CVE-2024-52714 | Cri | 0.64 | 9.8 | 0.01 | Nov 19, 2024 | Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime. | ||
| CVE-2023-38823 | Cri | 0.64 | 9.8 | 0.01 | Nov 20, 2023 | Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd. | ||
| CVE-2023-40830 | Cri | 0.64 | 9.8 | 0.01 | Oct 3, 2023 | Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | ||
| CVE-2023-40848 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858." | ||
| CVE-2023-40847 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check. | ||
| CVE-2023-40845 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks. | ||
| CVE-2023-40844 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.' | ||
| CVE-2023-40843 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004." | ||
| CVE-2023-40842 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler." | ||
| CVE-2023-40841 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node," | ||
| CVE-2023-40840 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat." | ||
| CVE-2023-40839 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute… | ||
| CVE-2023-40838 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability. | ||
| CVE-2023-40837 | Cri | 0.64 | 9.8 | 0.01 | Aug 30, 2023 | Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute… |
- risk 0.65cvss 9.8epss 0.12
Tenda AC6 V15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
- risk 0.64cvss 9.8epss 0.00
Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.
- risk 0.64cvss 9.8epss 0.00
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
- risk 0.64cvss 9.8epss 0.00
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
- risk 0.64cvss 9.8epss 0.00
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime.
- risk 0.64cvss 9.8epss 0.01
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
- risk 0.64cvss 9.8epss 0.01
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute…
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.
- risk 0.64cvss 9.8epss 0.01
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADD50" function to execute…
Page 1 of 7