AC6
by Tenda
CVEs (128)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-24332 | Hig | 0.53 | 8.1 | 0.01 | Feb 21, 2024 | A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet. | ||
| CVE-2023-26976 | Hig | 0.50 | 7.5 | 0.16 | Apr 4, 2023 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | ||
| CVE-2025-50262 | Hig | 0.49 | 7.5 | 0.00 | Jul 3, 2025 | Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter. | ||
| CVE-2025-50260 | Hig | 0.49 | 7.5 | 0.00 | Jul 3, 2025 | Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter. | ||
| CVE-2025-46035 | Hig | 0.49 | 7.5 | 0.01 | Jun 12, 2025 | Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint | ||
| CVE-2025-29121 | Hig | 0.49 | 7.5 | 0.00 | Mar 20, 2025 | A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow. | ||
| CVE-2022-45661 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function. | ||
| CVE-2022-45660 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function. | ||
| CVE-2022-45659 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function. | ||
| CVE-2022-45658 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function. | ||
| CVE-2022-45657 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | ||
| CVE-2022-45656 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. | ||
| CVE-2022-45655 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function. | ||
| CVE-2022-45654 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function. | ||
| CVE-2022-45653 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function. | ||
| CVE-2022-45652 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function. | ||
| CVE-2022-45651 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function. | ||
| CVE-2022-45650 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function. | ||
| CVE-2022-45649 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function. | ||
| CVE-2022-45648 | Hig | 0.49 | 7.5 | 0.01 | Dec 2, 2022 | Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function. |
- risk 0.53cvss 8.1epss 0.01
A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.
- risk 0.50cvss 7.5epss 0.16
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
- risk 0.49cvss 7.5epss 0.00
Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the list parameter.
- risk 0.49cvss 7.5epss 0.00
Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via the firewallEn parameter.
- risk 0.49cvss 7.5epss 0.01
Buffer Overflow vulnerability in Tenda AC6 v.15.03.05.16 allows a remote attacker to cause a denial of service via the oversized schedStartTime and schedEndTime parameters in an unauthenticated HTTP GET request to the /goform/openSchedWifi endpoint
- risk 0.49cvss 7.5epss 0.00
A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.
Page 4 of 7