Tenda

Ac7

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-11523

Exploit
  • EPSS 1.03%
  • Veröffentlicht 09.10.2025 01:02:07
  • Zuletzt bearbeitet 09.10.2025 22:17:03

A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of the file /goform/AdvSetLanip. The manipulation of the argument lanIp results in command injection. It is possible to launch the attack remotely. The exp...

8.8

CVE-2025-9023

Exploit
  • EPSS 0.37%
  • Veröffentlicht 15.08.2025 08:32:07
  • Zuletzt bearbeitet 03.10.2025 15:03:22

A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack ...

8.8

CVE-2025-8017

Exploit
  • EPSS 0.37%
  • Veröffentlicht 22.07.2025 13:32:07
  • Zuletzt bearbeitet 01.08.2025 20:02:50

A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function formSetMacFilterCfg of the file /goform/setMacFilterCfg of the component httpd. The manipulation of the argument deviceList leads to stac...

9.8

CVE-2025-5862

Exploit
  • EPSS 0.26%
  • Veröffentlicht 09.06.2025 05:15:21
  • Zuletzt bearbeitet 09.06.2025 19:02:54

A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be ...

9.8

CVE-2025-5861

Exploit
  • EPSS 0.34%
  • Veröffentlicht 09.06.2025 04:31:06
  • Zuletzt bearbeitet 09.06.2025 19:03:01

A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack...

8.8

CVE-2025-4810

Exploit
  • EPSS 0.39%
  • Veröffentlicht 16.05.2025 20:31:06
  • Zuletzt bearbeitet 24.05.2025 01:12:25

A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-ba...

8.8

CVE-2025-4809

Exploit
  • EPSS 0.39%
  • Veröffentlicht 16.05.2025 20:15:22
  • Zuletzt bearbeitet 24.05.2025 01:11:08

A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function fromSafeSetMacFilter of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflo...

8.8

CVE-2025-3346

  • EPSS 1.91%
  • Veröffentlicht 07.04.2025 09:31:08
  • Zuletzt bearbeitet 27.05.2025 14:22:29

A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. Affected by this issue is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument pptp_server_start_ip/pptp_server_end_ip...

9.8

CVE-2025-29135

Exploit
  • EPSS 1.15%
  • Veröffentlicht 24.03.2025 00:00:00
  • Zuletzt bearbeitet 01.04.2025 19:58:46

A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function.

9.8

CVE-2025-29137

Exploit
  • EPSS 0.19%
  • Veröffentlicht 19.03.2025 00:00:00
  • Zuletzt bearbeitet 01.04.2025 20:37:02

Tenda AC7 V1.0 V15.03.06.44 found a buffer overflow caused by the timeZone parameter in the form_fast_setting_wifi_set function, which can cause RCE.