VYPR

AC15

by Tenda

CVEs (97)

  • CVE-2018-5767CriFeb 15, 2018
    risk 0.70cvss 9.8epss 0.41

    An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.

  • CVE-2022-28557CriMay 4, 2022
    risk 0.65cvss 9.8epss 0.22

    There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15 US_AC15V1.0BR_V15.03.05.20_multi_TDE01.bin device web, which can also cooperate with CVE-2021-44971 to cause unconditional arbitrary command execution

  • CVE-2021-44352CriDec 3, 2021
    risk 0.65cvss 9.8epss 0.13

    A Stack-based Buffer Overflow vulnerability exists in the Tenda AC15 V15.03.05.18_multi device via the list parameter in a post request in goform/SetIpMacBind.

  • CVE-2023-39673CriAug 18, 2023
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34().

  • CVE-2023-30378CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability.

  • CVE-2023-30376CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.

  • CVE-2023-30375CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.

  • CVE-2023-30373CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability.

  • CVE-2023-30372CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability.

  • CVE-2023-30371CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability.

  • CVE-2023-30370CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.

  • CVE-2023-30369CriApr 24, 2023
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow.

  • CVE-2022-40851CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.09

    Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.

  • CVE-2022-40869CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function fromDhcpListClient with a combined parameter "list*" ("%s%d","list").

  • CVE-2022-40865CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 and AC18 routers V15.03.05.19 contain heap overflow vulnerabilities in the function setSchedWifi with the request /goform/openSchedWifi/

  • CVE-2022-40864CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet

  • CVE-2022-40862CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting

  • CVE-2022-40860CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList

  • CVE-2022-40853CriSep 23, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set

  • CVE-2022-38326CriSep 15, 2022
    risk 0.64cvss 9.8epss 0.01

    Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.

Page 1 of 5