Tenda

Ac18

30 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-11528

Exploit
  • EPSS 0.47%
  • Veröffentlicht 08.06.2026 15:15:12
  • Zuletzt bearbeitet 09.06.2026 01:34:33

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub_45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer...

9.8

CVE-2026-31255

Exploit
  • EPSS 1.12%
  • Veröffentlicht 27.04.2026 00:00:00
  • Zuletzt bearbeitet 28.04.2026 15:16:28

A command injection vulnerability exists in Tenda AC18 V15.03.05.05_multi. The vulnerability is located in the /goform/SetSambaCfg interface, where improper handling of the guestuser parameter allows attackers to execute arbitrary system commands.

8.8

CVE-2025-14993

Exploit
  • EPSS 0.67%
  • Veröffentlicht 21.12.2025 04:32:06
  • Zuletzt bearbeitet 31.12.2025 15:52:33

A vulnerability was detected in Tenda AC18 15.03.05.05. This affects the function sprintf of the file /goform/SetDlnaCfg of the component HTTP Request Handler. The manipulation of the argument scanList results in stack-based buffer overflow. The atta...

8.8

CVE-2025-14992

Exploit
  • EPSS 0.64%
  • Veröffentlicht 21.12.2025 04:02:07
  • Zuletzt bearbeitet 31.12.2025 19:24:32

A security vulnerability has been detected in Tenda AC18 15.03.05.05. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-base...

5.4

CVE-2025-63834

Exploit
  • EPSS 0.19%
  • Veröffentlicht 10.11.2025 00:00:00
  • Zuletzt bearbeitet 01.12.2025 20:15:54

A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visi...

8.8

CVE-2025-63835

Exploit
  • EPSS 0.6%
  • Veröffentlicht 10.11.2025 00:00:00
  • Zuletzt bearbeitet 18.11.2025 17:16:13

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversiz...

8.8

CVE-2025-11328

Exploit
  • EPSS 0.99%
  • Veröffentlicht 06.10.2025 08:32:07
  • Zuletzt bearbeitet 07.10.2025 17:01:37

A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the atta...

8.8

CVE-2025-11327

Exploit
  • EPSS 1.15%
  • Veröffentlicht 06.10.2025 08:02:06
  • Zuletzt bearbeitet 07.10.2025 17:01:49

A security vulnerability has been detected in Tenda AC18 15.03.05.19(6318). This vulnerability affects unknown code of the file /goform/SetUpnpCfg. The manipulation of the argument upnpEn leads to stack-based buffer overflow. It is possible to initia...

9

CVE-2025-11326

Exploit
  • EPSS 1.15%
  • Veröffentlicht 06.10.2025 07:32:07
  • Zuletzt bearbeitet 24.02.2026 07:16:26

A weakness has been identified in Tenda AC18 15.03.05.19(6318). This affects an unknown part of the file /goform/WifiMacFilterSet. Executing a manipulation of the argument wifi_chkHz can lead to stack-based buffer overflow. The attack may be performe...

9

CVE-2025-11325

Exploit
  • EPSS 0.72%
  • Veröffentlicht 06.10.2025 07:02:07
  • Zuletzt bearbeitet 24.02.2026 07:16:26

A security flaw has been discovered in Tenda AC18 15.03.05.19(6318). Affected by this issue is some unknown functionality of the file /goform/fast_setting_pppoe_set. Performing a manipulation of the argument Username results in stack-based buffer ove...