Tenda

Ac10u Firmware

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2025-15218

Exploit
  • EPSS 0.09%
  • Veröffentlicht 30.12.2025 03:32:08
  • Zuletzt bearbeitet 24.02.2026 07:17:04

A weakness has been identified in Tenda AC10U 15.03.06.48/15.03.06.49. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Parameter Handler. Executing a manipulation of the arg...

8.8

CVE-2025-15215

Exploit
  • EPSS 0.06%
  • Veröffentlicht 30.12.2025 02:02:08
  • Zuletzt bearbeitet 02.01.2026 21:28:56

A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer ...

7.5

CVE-2024-10280

  • EPSS 0.22%
  • Veröffentlicht 23.10.2024 14:15:04
  • Zuletzt bearbeitet 01.11.2024 14:03:20

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argu...

5.7

CVE-2024-32306

Exploit
  • EPSS 0.08%
  • Veröffentlicht 17.04.2024 14:15:09
  • Zuletzt bearbeitet 17.03.2025 14:22:18

Tenda AC10U v1.0 Firmware v15.03.06.49 has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.

8.1

CVE-2024-30612

Exploit
  • EPSS 0.18%
  • Veröffentlicht 28.03.2024 15:15:46
  • Zuletzt bearbeitet 17.03.2025 14:21:36

Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function.

9.8

CVE-2024-2853

Exploit
  • EPSS 1.41%
  • Veröffentlicht 24.03.2024 05:15:10
  • Zuletzt bearbeitet 21.11.2024 09:10:40

A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It has been rated as critical. This issue affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection....

8.8

CVE-2024-2764

Exploit
  • EPSS 0.44%
  • Veröffentlicht 21.03.2024 21:15:11
  • Zuletzt bearbeitet 12.12.2024 17:32:10

A vulnerability, which was classified as critical, was found in Tenda AC10U 15.03.06.48. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument endIP leads to stack-based buffer overflow. It...

8.8

CVE-2024-2763

Exploit
  • EPSS 0.46%
  • Veröffentlicht 21.03.2024 21:15:10
  • Zuletzt bearbeitet 12.12.2024 17:31:50

A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.48. Affected by this issue is the function formSetCfm of the file goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow...

8.8

CVE-2024-2711

Exploit
  • EPSS 0.24%
  • Veröffentlicht 20.03.2024 18:15:12
  • Zuletzt bearbeitet 12.12.2024 17:30:41

A vulnerability was found in Tenda AC10U 15.03.06.48. It has been rated as critical. Affected by this issue is the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceMac leads to stack-based buffer ...

8.8

CVE-2024-2710

Exploit
  • EPSS 0.24%
  • Veröffentlicht 20.03.2024 18:15:11
  • Zuletzt bearbeitet 12.12.2024 17:30:23

A vulnerability was found in Tenda AC10U 15.03.06.49. It has been declared as critical. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-base...