VYPR

AC9

by Tenda

CVEs (104)

  • CVE-2025-14286Dec 9, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be…

  • CVE-2025-57638Sep 23, 2025
    risk 0.00cvss epss 0.00

    Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.

  • CVE-2025-57639Sep 23, 2025
    risk 0.00cvss epss 0.01

    OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file.

  • CVE-2025-10443Sep 15, 2025
    risk 0.00cvss epss 0.04

    A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The…

Page 6 of 6