AC21
by Tenda
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-4565 | Hig | 0.57 | 8.8 | 0.01 | Mar 23, 2026 | A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and… | ||
| CVE-2022-44163 | Hig | 0.49 | 7.5 | 0.01 | Nov 21, 2022 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function formSetMacFilterCfg. | ||
| CVE-2022-44158 | Hig | 0.49 | 7.5 | 0.01 | Nov 21, 2022 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function via set_device_name. | ||
| CVE-2022-40076 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic. | ||
| CVE-2022-40075 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set. | ||
| CVE-2022-40074 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, setSchedWifi. | ||
| CVE-2022-40073 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, saveParentControlInfo. | ||
| CVE-2022-40072 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement. | ||
| CVE-2022-40071 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, formSetDeviceName. | ||
| CVE-2022-40070 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via bin/httpd, function: formSetFirewallCfg. | ||
| CVE-2022-40069 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | ]Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetSysTime. | ||
| CVE-2022-40068 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetQosBand. | ||
| CVE-2022-40067 | Hig | 0.49 | 7.5 | 0.01 | Sep 19, 2022 | Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetVirtualSer. | ||
| CVE-2026-1638 | Med | 0.41 | 6.3 | 0.02 | Jan 30, 2026 | A security flaw has been discovered in Tenda AC21 1.1.1.1/1.dmzip/16.03.08.16. The impacted element is the function mDMZSetCfg of the file /goform/mDMZSetCfg. The manipulation of the argument dmzIp results in command injection. The attack can be executed remotely. The exploit… | ||
| CVE-2026-2148 | 0.00 | — | 0.01 | Feb 8, 2026 | A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely.… | |||
| CVE-2026-2147 | 0.00 | — | 0.01 | Feb 8, 2026 | A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The… | |||
| CVE-2026-1637 | 0.00 | — | 0.01 | Jan 29, 2026 | A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly… | |||
| CVE-2025-13446 | 0.00 | — | 0.03 | Nov 20, 2025 | A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The… | |||
| CVE-2025-13445 | 0.00 | — | 0.03 | Nov 20, 2025 | A flaw has been found in Tenda AC21 16.03.08.16. This affects an unknown part of the file /goform/SetIpMacBind. Executing a manipulation of the argument list can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be… | |||
| CVE-2025-65222 | 0.00 | — | 0.02 | Nov 20, 2025 | Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the rebootTime parameter of /goform/SetSysAutoRebbotCfg. |
- risk 0.57cvss 8.8epss 0.01
A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and…
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function via set_device_name.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, setSchedWifi.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, saveParentControlInfo.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, formSetDeviceName.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via bin/httpd, function: formSetFirewallCfg.
- risk 0.49cvss 7.5epss 0.01
]Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetSysTime.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetQosBand.
- risk 0.49cvss 7.5epss 0.01
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetVirtualSer.
- risk 0.41cvss 6.3epss 0.02
A security flaw has been discovered in Tenda AC21 1.1.1.1/1.dmzip/16.03.08.16. The impacted element is the function mDMZSetCfg of the file /goform/mDMZSetCfg. The manipulation of the argument dmzIp results in command injection. The attack can be executed remotely. The exploit…
- CVE-2026-2148Feb 8, 2026risk 0.00cvss —epss 0.01
A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely.…
- CVE-2026-2147Feb 8, 2026risk 0.00cvss —epss 0.01
A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The…
- CVE-2026-1637Jan 29, 2026risk 0.00cvss —epss 0.01
A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly…
- CVE-2025-13446Nov 20, 2025risk 0.00cvss —epss 0.03
A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The…
- CVE-2025-13445Nov 20, 2025risk 0.00cvss —epss 0.03
A flaw has been found in Tenda AC21 16.03.08.16. This affects an unknown part of the file /goform/SetIpMacBind. Executing a manipulation of the argument list can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be…
- CVE-2025-65222Nov 20, 2025risk 0.00cvss —epss 0.02
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the rebootTime parameter of /goform/SetSysAutoRebbotCfg.
Page 1 of 2