VYPR

AC6

by Tenda

CVEs (128)

  • CVE-2023-24332HigFeb 21, 2024
    risk 0.53cvss 8.1epss 0.01

    A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.

  • CVE-2023-26976HigApr 4, 2023
    risk 0.50cvss 7.5epss 0.16

    Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.

  • CVE-2025-50262HigJul 3, 2025
    risk 0.49cvss 7.5epss 0.00

    Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter.

  • CVE-2025-50260HigJul 3, 2025
    risk 0.49cvss 7.5epss 0.00

    Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter.

  • CVE-2025-46035HigJun 12, 2025
    risk 0.49cvss 7.5epss 0.01

    Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint

  • CVE-2025-29121HigMar 20, 2025
    risk 0.49cvss 7.5epss 0.00

    A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.

  • CVE-2022-45661HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.

  • CVE-2022-45660HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.

  • CVE-2022-45659HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.

  • CVE-2022-45658HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function.

  • CVE-2022-45657HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.

  • CVE-2022-45656HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.

  • CVE-2022-45655HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.

  • CVE-2022-45654HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.

  • CVE-2022-45653HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.

  • CVE-2022-45652HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.

  • CVE-2022-45651HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.

  • CVE-2022-45650HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.

  • CVE-2022-45649HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.

  • CVE-2022-45648HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.

Page 4 of 7