Tenda

Ac9 Firmware

89 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2026-2192

Exploit
  • EPSS 0.09%
  • Veröffentlicht 08.02.2026 23:15:49
  • Zuletzt bearbeitet 10.02.2026 15:09:48

A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads to stack-b...

7.2

CVE-2026-2191

Exploit
  • EPSS 0.09%
  • Veröffentlicht 08.02.2026 22:32:10
  • Zuletzt bearbeitet 10.02.2026 15:09:59

A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit ...

7.5

CVE-2025-14286

Exploit
  • EPSS 0.06%
  • Veröffentlicht 09.12.2025 01:32:07
  • Zuletzt bearbeitet 11.12.2025 17:15:12

A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosur...

7.5

CVE-2025-57638

Exploit
  • EPSS 0.08%
  • Veröffentlicht 23.09.2025 19:15:41
  • Zuletzt bearbeitet 25.09.2025 16:09:10

Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.

6.5

CVE-2025-57639

Exploit
  • EPSS 4.21%
  • Veröffentlicht 23.09.2025 18:15:35
  • Zuletzt bearbeitet 25.09.2025 16:09:17

OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file.

8.8

CVE-2025-10443

Exploit
  • EPSS 0.48%
  • Veröffentlicht 15.09.2025 11:32:07
  • Zuletzt bearbeitet 19.09.2025 19:22:53

A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can b...

8.8

CVE-2025-10442

Exploit
  • EPSS 0.37%
  • Veröffentlicht 15.09.2025 11:15:33
  • Zuletzt bearbeitet 19.09.2025 20:39:12

A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is po...

7

CVE-2025-9731

Exploit
  • EPSS 0.01%
  • Veröffentlicht 31.08.2025 13:32:07
  • Zuletzt bearbeitet 04.09.2025 16:49:00

A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the a...

7.1

CVE-2025-5900

Exploit
  • EPSS 0.05%
  • Veröffentlicht 09.06.2025 22:00:19
  • Zuletzt bearbeitet 16.06.2025 14:42:41

A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclos...

8.8

CVE-2025-5847

Exploit
  • EPSS 0.22%
  • Veröffentlicht 08.06.2025 13:31:44
  • Zuletzt bearbeitet 09.06.2025 19:04:55

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation o...