Tenda

Ac10 Firmware

88 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-3161

  • EPSS 0.84%
  • Veröffentlicht 03.04.2025 15:15:53
  • Zuletzt bearbeitet 09.04.2025 16:27:24

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack ...

9.8

CVE-2025-25675

  • EPSS 0.8%
  • Veröffentlicht 20.02.2025 23:15:12
  • Zuletzt bearbeitet 17.03.2025 14:26:22

Tenda AC10 V1.0 V15.03.06.23 has a command injection vulnerablility located in the formexeCommand function. The str variable receives the cmdinput parameter from a POST request and is later assigned to the cmd_buf variable, which is directly used in ...

9.8

CVE-2025-25674

  • EPSS 0.18%
  • Veröffentlicht 20.02.2025 23:15:12
  • Zuletzt bearbeitet 17.03.2025 14:23:02

Tenda AC10 V1.0 V15.03.06.23 is vulnerable to Buffer Overflow in form_fast_setting_wifi_set via the parameter ssid.

7.2

CVE-2025-0528

Exploit
  • EPSS 0.92%
  • Veröffentlicht 17.01.2025 15:15:12
  • Zuletzt bearbeitet 28.05.2025 14:42:21

A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some unknown functionality of the file /goform/telnet of the component HTTP Request Handler. The manipulation leads t...

8.8

CVE-2024-11248

Exploit
  • EPSS 1%
  • Veröffentlicht 15.11.2024 17:15:19
  • Zuletzt bearbeitet 19.11.2024 21:51:57

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to stack-based buffer...

8.8

CVE-2024-11061

Exploit
  • EPSS 0.3%
  • Veröffentlicht 11.11.2024 01:15:04
  • Zuletzt bearbeitet 13.11.2024 23:04:25

A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer o...

8.8

CVE-2024-11056

Exploit
  • EPSS 0.19%
  • Veröffentlicht 10.11.2024 17:15:15
  • Zuletzt bearbeitet 14.11.2024 15:21:09

A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is...

7.5

CVE-2024-10280

  • EPSS 0.22%
  • Veröffentlicht 23.10.2024 14:15:04
  • Zuletzt bearbeitet 01.11.2024 14:03:20

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argu...

7.5

CVE-2024-33365

Exploit
  • EPSS 4.94%
  • Veröffentlicht 29.07.2024 17:15:10
  • Zuletzt bearbeitet 07.07.2025 16:09:32

Buffer Overflow vulnerability in Tenda AC10 v4 US_AC10V4.0si_V16.03.10.20_cn allows a remote attacker to execute arbitrary code via the Virtual_Data_Check function in the bin/httpd component.

7.5

CVE-2024-32317

Exploit
  • EPSS 0.25%
  • Veröffentlicht 17.04.2024 16:15:09
  • Zuletzt bearbeitet 17.03.2025 14:22:37

Tenda AC10 v4.0 V16.03.10.13 and V16.03.10.20 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function.