AC9
by Tenda
CVEs (104)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-14286 | 0.00 | — | 0.01 | Dec 9, 2025 | A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be… | |||
| CVE-2025-57638 | 0.00 | — | 0.00 | Sep 23, 2025 | Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value. | |||
| CVE-2025-57639 | 0.00 | — | 0.01 | Sep 23, 2025 | OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file. | |||
| CVE-2025-10443 | 0.00 | — | 0.04 | Sep 15, 2025 | A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The… |
- CVE-2025-14286Dec 9, 2025risk 0.00cvss —epss 0.01
A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be…
- CVE-2025-57638Sep 23, 2025risk 0.00cvss —epss 0.00
Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.
- CVE-2025-57639Sep 23, 2025risk 0.00cvss —epss 0.01
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file.
- CVE-2025-10443Sep 15, 2025risk 0.00cvss —epss 0.04
A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The…
Page 6 of 6