Tenda

Ac10 Firmware

92 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-5550

  • EPSS 0.05%
  • Veröffentlicht 05.04.2026 08:00:20
  • Zuletzt bearbeitet 07.04.2026 13:20:35

A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoin...

5.3

CVE-2026-5549

Exploit
  • EPSS 0.04%
  • Veröffentlicht 05.04.2026 07:45:14
  • Zuletzt bearbeitet 07.04.2026 13:20:35

A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead...

8.8

CVE-2026-5548

  • EPSS 0.05%
  • Veröffentlicht 05.04.2026 07:30:15
  • Zuletzt bearbeitet 07.04.2026 13:20:35

A vulnerability was found in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this vulnerability is the function fromSysToolChangePwd of the file /bin/httpd. Performing a manipulation of the argument sys.userpass results in stack-based buffer overflow...

6.3

CVE-2026-5547

  • EPSS 0.83%
  • Veröffentlicht 05.04.2026 07:15:15
  • Zuletzt bearbeitet 07.04.2026 13:20:35

A vulnerability has been found in Tenda AC10 16.03.10.10_multi_TDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possible to launch the attack remotely. Multiple endpoi...

6.5

CVE-2025-67074

Exploit
  • EPSS 0.11%
  • Veröffentlicht 17.12.2025 00:00:00
  • Zuletzt bearbeitet 02.01.2026 19:44:26

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `server...

9.8

CVE-2025-67073

Exploit
  • EPSS 0.33%
  • Veröffentlicht 17.12.2025 00:00:00
  • Zuletzt bearbeitet 02.01.2026 19:45:45

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `servic...

9.8

CVE-2025-12622

Exploit
  • EPSS 0.12%
  • Veröffentlicht 03.11.2025 07:32:13
  • Zuletzt bearbeitet 05.11.2025 14:34:51

A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely...

5.3

CVE-2025-57218

Exploit
  • EPSS 0.09%
  • Veröffentlicht 28.08.2025 00:00:00
  • Zuletzt bearbeitet 03.09.2025 16:11:25

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C.

5.3

CVE-2025-57217

  • EPSS 0.07%
  • Veröffentlicht 28.08.2025 00:00:00
  • Zuletzt bearbeitet 03.09.2025 16:11:31

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler.

5.3

CVE-2025-57219

  • EPSS 0.05%
  • Veröffentlicht 28.08.2025 00:00:00
  • Zuletzt bearbeitet 03.09.2025 16:11:12

Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request.