Tenda

Ac15 Firmware

86 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-30840

  • EPSS 0.3%
  • Veröffentlicht 15.04.2024 20:15:11
  • Zuletzt bearbeitet 14.04.2025 13:40:27

A Stack Overflow vulnerability in Tenda AC15 v15.03.05.18 allows attackers to cause a denial of service via the LISTEN parameter in the fromDhcpListClient function.

8

CVE-2024-30645

  • EPSS 1.05%
  • Veröffentlicht 29.03.2024 16:15:11
  • Zuletzt bearbeitet 08.04.2025 15:27:52

Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the deviceName parameter.

4.3

CVE-2024-30613

  • EPSS 0.36%
  • Veröffentlicht 29.03.2024 13:15:15
  • Zuletzt bearbeitet 08.04.2025 15:27:30

Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the time parameter from the setSmartPowerManagement function.

9.8

CVE-2024-2855

Exploit
  • EPSS 1.3%
  • Veröffentlicht 24.03.2024 06:15:11
  • Zuletzt bearbeitet 21.11.2024 09:10:41

A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Affected by this vulnerability is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-bas...

9.8

CVE-2024-2852

Exploit
  • EPSS 1.3%
  • Veröffentlicht 24.03.2024 05:15:09
  • Zuletzt bearbeitet 21.11.2024 09:10:40

A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-ba...

9.8

CVE-2024-2851

Exploit
  • EPSS 4.01%
  • Veröffentlicht 24.03.2024 03:15:09
  • Zuletzt bearbeitet 21.11.2024 09:10:40

A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection...

9.8

CVE-2024-2850

Exploit
  • EPSS 1.3%
  • Veröffentlicht 24.03.2024 02:15:07
  • Zuletzt bearbeitet 21.11.2024 09:10:40

A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Affected by this issue is the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer ...

6.5

CVE-2024-2817

Exploit
  • EPSS 0.34%
  • Veröffentlicht 22.03.2024 08:15:10
  • Zuletzt bearbeitet 21.11.2024 09:10:35

A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. ...

6.5

CVE-2024-2816

Exploit
  • EPSS 0.36%
  • Veröffentlicht 22.03.2024 08:15:10
  • Zuletzt bearbeitet 21.11.2024 09:10:35

A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be...

9.8

CVE-2024-2815

Exploit
  • EPSS 1.32%
  • Veröffentlicht 22.03.2024 08:15:09
  • Zuletzt bearbeitet 21.11.2024 09:10:35

A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to sta...