AC18
by Tenda
CVEs (108)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-10280 | 0.00 | — | 0.01 | Oct 23, 2024 | A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to… | |||
| CVE-2024-41630 | 0.00 | — | 0.01 | Jul 31, 2024 | Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set. | |||
| CVE-2024-33180 | 0.00 | — | 0.01 | Jul 16, 2024 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo. | |||
| CVE-2024-33181 | 0.00 | — | 0.01 | Jul 16, 2024 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter. | |||
| CVE-2024-33182 | 0.00 | — | 0.01 | Jul 16, 2024 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter. | |||
| CVE-2024-34974 | 0.00 | — | 0.01 | May 10, 2024 | Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter. | |||
| CVE-2024-33835 | 0.00 | — | 0.01 | May 1, 2024 | Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function. | |||
| CVE-2024-30891 | 0.00 | — | 0.02 | Apr 5, 2024 | A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution. |
- CVE-2024-10280Oct 23, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads to…
- CVE-2024-41630Jul 31, 2024risk 0.00cvss —epss 0.01
Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set.
- CVE-2024-33180Jul 16, 2024risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.
- CVE-2024-33181Jul 16, 2024risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter.
- CVE-2024-33182Jul 16, 2024risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter.
- CVE-2024-34974May 10, 2024risk 0.00cvss —epss 0.01
Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter.
- CVE-2024-33835May 1, 2024risk 0.00cvss —epss 0.01
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function.
- CVE-2024-30891Apr 5, 2024risk 0.00cvss —epss 0.02
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution.
Page 6 of 6