AC15
by Tenda
CVEs (97)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-5767 | Cri | 0.70 | 9.8 | 0.41 | Feb 15, 2018 | An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header. | ||
| CVE-2022-28557 | Cri | 0.65 | 9.8 | 0.22 | May 4, 2022 | There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution | ||
| CVE-2021-44352 | Cri | 0.65 | 9.8 | 0.13 | Dec 3, 2021 | A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind. | ||
| CVE-2023-39673 | Cri | 0.64 | 9.8 | 0.01 | Aug 18, 2023 | Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34(). | ||
| CVE-2023-30378 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability. | ||
| CVE-2023-30376 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability. | ||
| CVE-2023-30375 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability. | ||
| CVE-2023-30373 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. | ||
| CVE-2023-30372 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. | ||
| CVE-2023-30371 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | ||
| CVE-2023-30370 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. | ||
| CVE-2023-30369 | Cri | 0.64 | 9.8 | 0.01 | Apr 24, 2023 | Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. | ||
| CVE-2022-40851 | Cri | 0.64 | 9.8 | 0.09 | Sep 23, 2022 | Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. | ||
| CVE-2022-40869 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2022 | Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list"). | ||
| CVE-2022-40865 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2022 | Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/ | ||
| CVE-2022-40864 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2022 | Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet | ||
| CVE-2022-40862 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2022 | Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting | ||
| CVE-2022-40860 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2022 | Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList | ||
| CVE-2022-40853 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2022 | Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set | ||
| CVE-2022-38326 | Cri | 0.64 | 9.8 | 0.01 | Sep 15, 2022 | Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. |
- risk 0.70cvss 9.8epss 0.41
An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.
- risk 0.65cvss 9.8epss 0.22
There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution
- risk 0.65cvss 9.8epss 0.13
A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34().
- risk 0.64cvss 9.8epss 0.01
In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability.
- risk 0.64cvss 9.8epss 0.01
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.
- risk 0.64cvss 9.8epss 0.01
In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.
- risk 0.64cvss 9.8epss 0.01
In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability.
- risk 0.64cvss 9.8epss 0.01
In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability.
- risk 0.64cvss 9.8epss 0.01
In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability.
- risk 0.64cvss 9.8epss 0.01
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.
- risk 0.64cvss 9.8epss 0.09
Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set
- risk 0.64cvss 9.8epss 0.01
Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.
Page 1 of 5