AC10
by Tenda
Source repositories
CVEs (128)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-14558 | Cri | 0.76 | 9.8 | 0.09 | KEV | Oct 30, 2018 | An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute… | |
| CVE-2022-32054 | Cri | 0.66 | 9.8 | 0.31 | Jul 7, 2022 | Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter. | ||
| CVE-2023-44018 | Cri | 0.65 | 9.8 | 0.15 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function. | ||
| CVE-2025-45779 | Cri | 0.64 | 9.8 | 0.05 | May 12, 2025 | Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter. | ||
| CVE-2025-25456 | Cri | 0.64 | 9.8 | 0.01 | Apr 15, 2025 | Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via mac2. | ||
| CVE-2025-25675 | Cri | 0.64 | 9.8 | 0.01 | Feb 20, 2025 | Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand function. The str variable receives the cmdinput parameter from a POST request and is later assigned to the cmd_buf variable, which is directly used in the doSystemCmd function,… | ||
| CVE-2025-25674 | Cri | 0.64 | 9.8 | 0.00 | Feb 20, 2025 | Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid. | ||
| CVE-2023-45484 | Cri | 0.64 | 9.8 | 0.01 | Nov 29, 2023 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic. | ||
| CVE-2023-45483 | Cri | 0.64 | 9.8 | 0.01 | Nov 29, 2023 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time. | ||
| CVE-2023-45482 | Cri | 0.64 | 9.8 | 0.01 | Nov 29, 2023 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. | ||
| CVE-2023-45481 | Cri | 0.64 | 9.8 | 0.01 | Nov 29, 2023 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg. | ||
| CVE-2023-45480 | Cri | 0.64 | 9.8 | 0.01 | Nov 29, 2023 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878. | ||
| CVE-2023-45479 | Cri | 0.64 | 9.8 | 0.01 | Nov 29, 2023 | Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098. | ||
| CVE-2023-44023 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | ||
| CVE-2023-44022 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | ||
| CVE-2023-44021 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function. | ||
| CVE-2023-44020 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | ||
| CVE-2023-44019 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function. | ||
| CVE-2023-44017 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function. | ||
| CVE-2023-44016 | Cri | 0.64 | 9.8 | 0.01 | Sep 27, 2023 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function. |
- risk 0.76cvss 9.8epss 0.09
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute…
- risk 0.66cvss 9.8epss 0.31
Tenda AC10 US_AC10V1.0RTL_V15.03.06.26_multi_TD01 was discovered to contain a remote code execution (RCE) vulnerability via the lanIp parameter.
- risk 0.65cvss 9.8epss 0.15
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the domain parameter in the add_white_node function.
- risk 0.64cvss 9.8epss 0.05
Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via mac2.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand function. The str variable receives the cmdinput parameter from a POST request and is later assigned to the cmd_buf variable, which is directly used in the doSystemCmd function,…
- risk 0.64cvss 9.8epss 0.00
Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the formSetClientState function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the mac parameter in the GetParentControlInfo function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
Page 1 of 7