A18
by Tenda
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50585 | Cri | 0.64 | 9.8 | 0.01 | Jan 9, 2024 | Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | ||
| CVE-2024-32305 | Hig | 0.57 | 8.8 | 0.01 | Apr 17, 2024 | Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. | ||
| CVE-2023-39829 | Hig | 0.49 | 7.5 | 0.01 | Aug 14, 2023 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function. | ||
| CVE-2023-39828 | Hig | 0.49 | 7.5 | 0.01 | Aug 14, 2023 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. | ||
| CVE-2023-39827 | Hig | 0.49 | 7.5 | 0.01 | Aug 14, 2023 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function. | ||
| CVE-2022-44932 | Hig | 0.49 | 7.5 | 0.01 | Dec 8, 2022 | An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service. | ||
| CVE-2022-44931 | Hig | 0.49 | 7.5 | 0.01 | Dec 8, 2022 | Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. | ||
| CVE-2025-0848 | Med | 0.42 | 6.5 | 0.01 | Jan 30, 2025 | A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to… | ||
| CVE-2026-2930 | Med | 0.41 | 6.3 | 0.00 | Feb 22, 2026 | A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be… | ||
| CVE-2026-2877 | 0.00 | — | 0.00 | Feb 21, 2026 | A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. It is possible to initiate the attack… | |||
| CVE-2026-2876 | 0.00 | — | 0.01 | Feb 21, 2026 | A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been… |
- risk 0.64cvss 9.8epss 0.01
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
- risk 0.57cvss 8.8epss 0.01
Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.
- risk 0.49cvss 7.5epss 0.01
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function.
- risk 0.49cvss 7.5epss 0.01
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.
- risk 0.49cvss 7.5epss 0.01
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function.
- risk 0.49cvss 7.5epss 0.01
An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service.
- risk 0.49cvss 7.5epss 0.01
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet.
- risk 0.42cvss 6.5epss 0.01
A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be…
- CVE-2026-2877Feb 21, 2026risk 0.00cvss —epss 0.00
A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. It is possible to initiate the attack…
- CVE-2026-2876Feb 21, 2026risk 0.00cvss —epss 0.01
A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been…