AC8V4
by Tenda
CVEs (22)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-25668 | Cri | 0.64 | 9.8 | 0.01 | Feb 20, 2025 | Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function. | ||
| CVE-2025-25667 | Cri | 0.64 | 9.8 | 0.01 | Feb 20, 2025 | Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. | ||
| CVE-2025-25664 | Cri | 0.64 | 9.8 | 0.01 | Feb 20, 2025 | Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function. | ||
| CVE-2025-25663 | Cri | 0.64 | 9.8 | 0.01 | Feb 20, 2025 | A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. | ||
| CVE-2024-57703 | Cri | 0.64 | 9.8 | 0.01 | Jan 16, 2025 | Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. | ||
| CVE-2024-46652 | Cri | 0.64 | 9.8 | 0.01 | Sep 20, 2024 | Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. | ||
| CVE-2023-48194 | Cri | 0.64 | 9.8 | 0.01 | Jul 9, 2024 | Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. | ||
| CVE-2023-33673 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | ||
| CVE-2023-33671 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function. | ||
| CVE-2023-33670 | Cri | 0.64 | 9.8 | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function. | ||
| CVE-2023-33669 | Cri | 0.64 | 9.8 | 0.02 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function. | ||
| CVE-2025-51087 | Hig | 0.57 | 8.6 | 0.08 | Jul 24, 2025 | Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. | ||
| CVE-2024-57704 | Hig | 0.57 | 8.8 | 0.00 | Jan 16, 2025 | Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. | ||
| CVE-2025-29101 | Hig | 0.49 | 7.5 | 0.00 | Mar 20, 2025 | Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function. | ||
| CVE-2023-39786 | Hig | 0.49 | 7.5 | 0.01 | Aug 21, 2023 | Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function. | ||
| CVE-2023-39785 | Hig | 0.49 | 7.5 | 0.01 | Aug 21, 2023 | Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function. | ||
| CVE-2023-39784 | Hig | 0.49 | 7.5 | 0.01 | Aug 21, 2023 | Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function. | ||
| CVE-2023-33672 | Hig | 0.49 | 7.5 | 0.01 | Jun 2, 2023 | Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. | ||
| CVE-2025-51089 | Med | 0.43 | 6.5 | 0.06 | Jul 24, 2025 | Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo.The manipulation of the argument `mac` leads to heap-based buffer overflow. | ||
| CVE-2025-51088 | Med | 0.35 | 5.3 | 0.07 | Jul 24, 2025 | Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow. |
- risk 0.64cvss 9.8epss 0.01
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
- risk 0.64cvss 9.8epss 0.01
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.
- risk 0.64cvss 9.8epss 0.01
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.
- risk 0.64cvss 9.8epss 0.01
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow.
- risk 0.64cvss 9.8epss 0.01
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function.
- risk 0.64cvss 9.8epss 0.01
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
- risk 0.64cvss 9.8epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.
- risk 0.64cvss 9.8epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.
- risk 0.64cvss 9.8epss 0.02
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.
- risk 0.57cvss 8.6epss 0.08
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow.
- risk 0.57cvss 8.8epss 0.00
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow.
- risk 0.49cvss 7.5epss 0.00
Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function.
- risk 0.49cvss 7.5epss 0.01
Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.
- risk 0.43cvss 6.5epss 0.06
Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo.The manipulation of the argument `mac` leads to heap-based buffer overflow.
- risk 0.35cvss 5.3epss 0.07
Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow.
Page 1 of 2