VYPR

AC6

by Tenda

CVEs (128)

  • CVE-2022-45647HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.

  • CVE-2022-45646HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.

  • CVE-2022-45645HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.

  • CVE-2022-45644HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.

  • CVE-2022-45643HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.

  • CVE-2022-45641HigDec 2, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.

  • CVE-2022-45640HigDec 1, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local).

  • CVE-2020-28095HigDec 30, 2020
    risk 0.49cvss 7.5epss 0.01

    On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP POST request sent to the change password API will trigger the router to crash and enter an infinite boot loop.

  • CVE-2020-28094HigDec 28, 2020
    risk 0.49cvss 7.5epss 0.01

    On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning.

  • CVE-2025-50528HigJun 27, 2025
    risk 0.47cvss 7.3epss 0.00

    A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05.19 via the page parameter.

  • CVE-2020-28093HigDec 28, 2020
    risk 0.47cvss 7.2epss 0.01

    On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234.

  • CVE-2024-10697MedNov 2, 2024
    risk 0.43cvss 6.3epss 0.26

    A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this vulnerability is the function formWriteFacMac of the file /goform/WriteFacMac of the component API Endpoint. The manipulation of the argument mac leads to command injection. The…

  • CVE-2025-50641MedJul 1, 2025
    risk 0.42cvss 6.5epss 0.00

    Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId.

  • CVE-2025-44172MedJun 2, 2025
    risk 0.42cvss 6.5epss 0.00

    Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.

  • CVE-2025-25507MedFeb 21, 2025
    risk 0.42cvss 6.5epss 0.00

    There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution.

  • CVE-2025-25505MedFeb 21, 2025
    risk 0.42cvss 6.5epss 0.00

    Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function.

  • CVE-2024-10280MedOct 23, 2024
    risk 0.42cvss 6.5epss 0.01

    A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to…

  • CVE-2022-45674MedDec 2, 2022
    risk 0.42cvss 6.5epss 0.00

    Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.

  • CVE-2022-45673MedDec 2, 2022
    risk 0.42cvss 6.5epss 0.00

    Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.

  • CVE-2026-8264MedMay 11, 2026
    risk 0.41cvss 6.3epss 0.03

    A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command…

Page 5 of 7