VYPR

AC1206

by Tenda

CVEs (47)

  • CVE-2024-9793MedOct 10, 2024
    risk 0.43cvss 6.3epss 0.21

    A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has…

  • CVE-2024-10280MedOct 23, 2024
    risk 0.42cvss 6.5epss 0.01

    A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to…

  • CVE-2022-42078MedOct 12, 2022
    risk 0.42cvss 6.5epss 0.00

    Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.

  • CVE-2022-42077MedOct 12, 2022
    risk 0.42cvss 6.5epss 0.00

    Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.

  • CVE-2026-0581MedJan 5, 2026
    risk 0.41cvss 6.3epss 0.08

    A vulnerability was determined in Tenda AC1206 15.03.06.23. Affected by this issue is the function formBehaviorManager of the file /goform/BehaviorManager of the component httpd. Executing a manipulation of the argument modulename/option/data/switch can lead to command…

  • CVE-2025-10432Sep 15, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC1206 15.03.06.23. This vulnerability affects the function check_param_changed of the file /goform/AdvSetMacMtuWa of the component HTTP Request Handler. Performing manipulation of the argument wanMTU results in stack-based buffer overflow.…

  • CVE-2025-9523Aug 27, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was detected in Tenda AC1206 15.03.06.23. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in stack-based buffer overflow. It is possible to launch the attack remotely. The…

Page 3 of 3