Tenda

Ac15 Firmware

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-29462

Exploit
  • EPSS 0.45%
  • Veröffentlicht 03.04.2025 00:00:00
  • Zuletzt bearbeitet 22.04.2025 16:33:41

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on...

6.5

CVE-2025-25634

Exploit
  • EPSS 0.12%
  • Veröffentlicht 05.03.2025 21:15:19
  • Zuletzt bearbeitet 10.04.2025 18:17:11

A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src leads to stack-based buffer overflow.

9.8

CVE-2025-25632

Exploit
  • EPSS 10.79%
  • Veröffentlicht 05.03.2025 21:15:19
  • Zuletzt bearbeitet 09.04.2025 20:56:55

Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform/telnet.

8.8

CVE-2025-0566

Exploit
  • EPSS 10.19%
  • Veröffentlicht 19.01.2025 07:15:06
  • Zuletzt bearbeitet 01.07.2025 15:11:11

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible ...

8.8

CVE-2024-10662

Exploit
  • EPSS 0.83%
  • Veröffentlicht 01.11.2024 16:15:07
  • Zuletzt bearbeitet 05.11.2024 14:30:16

A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The...

8.8

CVE-2024-10661

Exploit
  • EPSS 0.83%
  • Veröffentlicht 01.11.2024 16:15:07
  • Zuletzt bearbeitet 05.11.2024 14:30:37

A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. Th...

7.5

CVE-2024-10280

  • EPSS 0.16%
  • Veröffentlicht 23.10.2024 14:15:04
  • Zuletzt bearbeitet 01.11.2024 14:03:20

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argu...

9.8

CVE-2023-36103

Exploit
  • EPSS 12.8%
  • Veröffentlicht 10.09.2024 16:15:18
  • Zuletzt bearbeitet 24.09.2024 18:10:16

Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request.

8

CVE-2024-32303

  • EPSS 0.13%
  • Veröffentlicht 17.04.2024 16:15:08
  • Zuletzt bearbeitet 30.06.2025 13:37:14

Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.

6.5

CVE-2024-30840

  • EPSS 0.04%
  • Veröffentlicht 15.04.2024 20:15:11
  • Zuletzt bearbeitet 14.04.2025 13:40:27

A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of service via the LISTEN parameter in the fromDhcpListClient function.