VYPR

AC23

by Tenda

CVEs (32)

  • CVE-2023-0782HigFeb 11, 2023
    risk 0.47cvss 7.2epss 0.01

    A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit…

  • CVE-2025-3167MedApr 3, 2025
    risk 0.42cvss 6.5epss 0.01

    A vulnerability, which was classified as problematic, has been found in Tenda AC23 16.03.07.52. This issue affects some unknown processing of the file /goform/VerAPIMant of the component API Interface. The manipulation of the argument getuid leads to denial of service. The…

  • CVE-2023-40802MedAug 25, 2023
    risk 0.42cvss 6.5epss 0.01

    The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn

  • CVE-2026-1420Jan 26, 2026
    risk 0.00cvss epss 0.04

    A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapsk_crypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be…

  • CVE-2026-0640Jan 6, 2026
    risk 0.00cvss epss 0.03

    A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a manipulation of the argument Time can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the…

  • CVE-2025-15217Dec 30, 2025
    risk 0.00cvss epss 0.01

    A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.

  • CVE-2025-15216Dec 30, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was identified in Tenda AC23 16.03.07.52. This impacts the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument bindnum leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is…

  • CVE-2025-12596Nov 2, 2025
    risk 0.00cvss epss 0.01

    A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The…

  • CVE-2025-12595Nov 2, 2025
    risk 0.00cvss epss 0.01

    A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCfg. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made…

  • CVE-2025-11356Oct 7, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2025-10803Sep 22, 2025
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. It is…

  • CVE-2025-9605Aug 29, 2025
    risk 0.00cvss epss 0.01

    A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely.…

Page 2 of 2