VYPR

A18

by Tenda

CVEs (11)

  • CVE-2023-50585CriJan 9, 2024
    risk 0.64cvss 9.8epss 0.01

    Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.

  • CVE-2024-32305HigApr 17, 2024
    risk 0.57cvss 8.8epss 0.01

    Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.

  • CVE-2023-39829HigAug 14, 2023
    risk 0.49cvss 7.5epss 0.01

    Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function.

  • CVE-2023-39828HigAug 14, 2023
    risk 0.49cvss 7.5epss 0.01

    Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.

  • CVE-2023-39827HigAug 14, 2023
    risk 0.49cvss 7.5epss 0.01

    Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function.

  • CVE-2022-44932HigDec 8, 2022
    risk 0.49cvss 7.5epss 0.01

    An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service.

  • CVE-2022-44931HigDec 8, 2022
    risk 0.49cvss 7.5epss 0.01

    Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet.

  • CVE-2025-0848MedJan 30, 2025
    risk 0.42cvss 6.5epss 0.01

    A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to…

  • CVE-2026-2930MedFeb 22, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be…

  • CVE-2026-2877Feb 21, 2026
    risk 0.00cvss epss 0.00

    A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. It is possible to initiate the attack…

  • CVE-2026-2876Feb 21, 2026
    risk 0.00cvss epss 0.01

    A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been…

VYPR — Vulnerability Intelligence