AC18
by Tenda
CVEs (108)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57578 | Hig | 0.57 | 8.8 | 0.01 | Jan 16, 2025 | Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. | ||
| CVE-2024-33181 | Hig | 0.57 | 8.8 | 0.01 | Jul 16, 2024 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter. | ||
| CVE-2024-30891 | Hig | 0.57 | 8.8 | 0.02 | Apr 5, 2024 | A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution. | ||
| CVE-2024-2558 | Hig | 0.57 | 8.8 | 0.01 | Mar 17, 2024 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated… | ||
| CVE-2024-2547 | Hig | 0.57 | 8.8 | 0.01 | Mar 17, 2024 | A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been… | ||
| CVE-2024-2546 | Hig | 0.57 | 8.8 | 0.01 | Mar 17, 2024 | A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely.… | ||
| CVE-2024-2490 | Hig | 0.57 | 8.8 | 0.02 | Mar 15, 2024 | A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The… | ||
| CVE-2024-2489 | Hig | 0.57 | 8.8 | 0.02 | Mar 15, 2024 | A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack… | ||
| CVE-2024-2488 | Hig | 0.57 | 8.8 | 0.02 | Mar 15, 2024 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIP leads to stack-based buffer overflow. The attack may be initiated… | ||
| CVE-2024-2487 | Hig | 0.57 | 8.8 | 0.02 | Mar 15, 2024 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack… | ||
| CVE-2024-2486 | Hig | 0.57 | 8.8 | 0.02 | Mar 15, 2024 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the… | ||
| CVE-2024-2485 | Hig | 0.57 | 8.8 | 0.02 | Mar 15, 2024 | A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched… | ||
| CVE-2017-16923 | Hig | 0.57 | 8.8 | 0.03 | Nov 21, 2017 | Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01,… | ||
| CVE-2024-34974 | Hig | 0.53 | 8.2 | 0.01 | May 14, 2024 | Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter. | ||
| CVE-2024-41630 | Hig | 0.49 | 7.6 | 0.01 | Jul 31, 2024 | Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set. | ||
| CVE-2024-28551 | Hig | 0.49 | 7.5 | 0.01 | Mar 26, 2024 | Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the ssid parameter of form_fast_setting_wifi_set function. | ||
| CVE-2018-18732 | Hig | 0.49 | 7.5 | 0.01 | Oct 29, 2018 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer'… | ||
| CVE-2018-18731 | Hig | 0.49 | 7.5 | 0.01 | Oct 29, 2018 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac'… | ||
| CVE-2018-18730 | Hig | 0.49 | 7.5 | 0.01 | Oct 29, 2018 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and… | ||
| CVE-2025-0528 | Hig | 0.47 | 7.2 | 0.06 | Jan 17, 2025 | A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The… |
- risk 0.57cvss 8.8epss 0.01
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function.
- risk 0.57cvss 8.8epss 0.01
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter.
- risk 0.57cvss 8.8epss 0.02
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution.
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated…
- risk 0.57cvss 8.8epss 0.01
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been…
- risk 0.57cvss 8.8epss 0.01
A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely.…
- risk 0.57cvss 8.8epss 0.02
A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The…
- risk 0.57cvss 8.8epss 0.02
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack…
- risk 0.57cvss 8.8epss 0.02
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIP leads to stack-based buffer overflow. The attack may be initiated…
- risk 0.57cvss 8.8epss 0.02
A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack…
- risk 0.57cvss 8.8epss 0.02
A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the…
- risk 0.57cvss 8.8epss 0.02
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched…
- risk 0.57cvss 8.8epss 0.03
Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01,…
- risk 0.53cvss 8.2epss 0.01
Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter.
- risk 0.49cvss 7.6epss 0.01
Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set.
- risk 0.49cvss 7.5epss 0.01
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the ssid parameter of form_fast_setting_wifi_set function.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'ntpServer'…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'deviceMac'…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the 'startIp' and…
- risk 0.47cvss 7.2epss 0.06
A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads to command injection. The…
Page 4 of 6