VYPR

AC9

by Tenda

CVEs (104)

  • CVE-2022-25434CriMar 18, 2022
    risk 0.64cvss 9.8epss 0.09

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.

  • CVE-2022-25433CriMar 18, 2022
    risk 0.64cvss 9.8epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.

  • CVE-2022-25431CriMar 18, 2022
    risk 0.64cvss 9.8epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.

  • CVE-2022-25429CriMar 18, 2022
    risk 0.64cvss 9.8epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.

  • CVE-2022-25428CriMar 18, 2022
    risk 0.64cvss 9.8epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.

  • CVE-2022-25427CriMar 18, 2022
    risk 0.64cvss 9.8epss 0.02

    Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.

  • CVE-2022-25418CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.02

    Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function openSchedWifi.

  • CVE-2022-25417CriFeb 24, 2022
    risk 0.64cvss 9.8epss 0.02

    Tenda AC9 V15.03.2.21_cn was discovered to contain a stack overflow via the function saveparentcontrolinfo.

  • CVE-2020-26728CriFeb 11, 2022
    risk 0.64cvss 9.8epss 0.04

    A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.

  • CVE-2020-13394CriMay 22, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server --…

  • CVE-2020-13393CriMay 22, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server --…

  • CVE-2020-13392CriMay 22, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server --…

  • CVE-2020-13391CriMay 22, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server --…

  • CVE-2020-13390CriMay 22, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server --…

  • CVE-2020-13389CriMay 22, 2020
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server --…

  • CVE-2018-18729CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the…

  • CVE-2018-18728CriOct 29, 2018
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request.

  • CVE-2018-7561CriMar 1, 2018
    risk 0.64cvss 9.8epss 0.02

    Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.

  • CVE-2026-6016HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be…

  • CVE-2026-6015HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch…

Page 3 of 6