Tenda

Ac7 Firmware

67 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2025-1851

  • EPSS 0.82%
  • Veröffentlicht 03.03.2025 05:15:10
  • Zuletzt bearbeitet 10.04.2025 13:32:42

A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer over...

9.8

CVE-2025-1819

  • EPSS 1.66%
  • Veröffentlicht 02.03.2025 17:15:11
  • Zuletzt bearbeitet 16.07.2025 14:13:01

A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. The manipulation of the argument lan_ip leads to os command injection. It is possible to lau...

8.8

CVE-2024-48826

Exploit
  • EPSS 2.02%
  • Veröffentlicht 28.10.2024 20:15:06
  • Zuletzt bearbeitet 17.03.2025 14:41:08

Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.

8.8

CVE-2024-48825

Exploit
  • EPSS 2.02%
  • Veröffentlicht 28.10.2024 20:15:06
  • Zuletzt bearbeitet 17.03.2025 14:40:19

Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code.

7.5

CVE-2024-10280

  • EPSS 0.22%
  • Veröffentlicht 23.10.2024 14:15:04
  • Zuletzt bearbeitet 01.11.2024 14:03:20

A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as problematic. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argu...

9.8

CVE-2024-32301

Exploit
  • EPSS 0.28%
  • Veröffentlicht 17.04.2024 13:15:08
  • Zuletzt bearbeitet 17.03.2025 14:37:20

Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function.

8.8

CVE-2024-32281

Exploit
  • EPSS 3.29%
  • Veröffentlicht 17.04.2024 13:15:08
  • Zuletzt bearbeitet 17.03.2025 14:35:04

Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand function via the cmdinput parameter.

8.8

CVE-2024-2903

Exploit
  • EPSS 0.68%
  • Veröffentlicht 26.03.2024 21:15:53
  • Zuletzt bearbeitet 22.01.2025 17:48:48

A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow....

8.8

CVE-2024-2902

Exploit
  • EPSS 0.32%
  • Veröffentlicht 26.03.2024 20:15:11
  • Zuletzt bearbeitet 22.01.2025 17:51:36

A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to stack-based buffer overflow. T...

8.8

CVE-2024-2901

Exploit
  • EPSS 0.49%
  • Veröffentlicht 26.03.2024 20:15:10
  • Zuletzt bearbeitet 22.01.2025 17:51:47

A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer over...