Tenda

Ac9 Firmware

91 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-5900

Exploit
  • EPSS 0.13%
  • Veröffentlicht 09.06.2025 22:00:19
  • Zuletzt bearbeitet 16.06.2025 14:42:41

A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclos...

8.8

CVE-2025-5847

Exploit
  • EPSS 0.66%
  • Veröffentlicht 08.06.2025 13:31:44
  • Zuletzt bearbeitet 09.06.2025 19:04:55

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation o...

8.8

CVE-2025-5839

Exploit
  • EPSS 0.62%
  • Veröffentlicht 07.06.2025 17:31:13
  • Zuletzt bearbeitet 09.06.2025 19:07:34

A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument...

6.5

CVE-2025-5836

Exploit
  • EPSS 6.3%
  • Veröffentlicht 07.06.2025 13:31:06
  • Zuletzt bearbeitet 09.06.2025 19:07:49

A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to comman...

9.8

CVE-2025-45042

Exploit
  • EPSS 14.83%
  • Veröffentlicht 05.05.2025 00:00:00
  • Zuletzt bearbeitet 07.05.2025 16:39:20

Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.

9.8

CVE-2025-44877

Exploit
  • EPSS 12.51%
  • Veröffentlicht 02.05.2025 00:00:00
  • Zuletzt bearbeitet 27.05.2025 14:21:50

Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formSetSambaConf function via the usbname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

9.8

CVE-2025-44872

Exploit
  • EPSS 12.51%
  • Veröffentlicht 02.05.2025 00:00:00
  • Zuletzt bearbeitet 27.05.2025 14:21:40

Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

9.8

CVE-2025-45429

Exploit
  • EPSS 2.44%
  • Veröffentlicht 23.04.2025 00:00:00
  • Zuletzt bearbeitet 30.04.2025 15:48:51

In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.

9.8

CVE-2025-45428

Exploit
  • EPSS 2.25%
  • Veröffentlicht 23.04.2025 00:00:00
  • Zuletzt bearbeitet 30.04.2025 16:12:11

In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

9.8

CVE-2025-45427

Exploit
  • EPSS 2.25%
  • Veröffentlicht 23.04.2025 00:00:00
  • Zuletzt bearbeitet 30.04.2025 13:51:20

In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform/WifiBasicSet has a stack overflow vulnerability, which can lead to remote arbitrary code execution.