Tenda

Ac6 Firmware

104 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-52221

Exploit
  • EPSS 0.04%
  • Veröffentlicht 08.04.2026 00:00:00
  • Zuletzt bearbeitet 13.04.2026 11:36:50

Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.

9

CVE-2026-4961

Exploit
  • EPSS 0.08%
  • Veröffentlicht 27.03.2026 16:09:39
  • Zuletzt bearbeitet 31.03.2026 16:26:10

A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack...

9

CVE-2026-4960

Exploit
  • EPSS 0.08%
  • Veröffentlicht 27.03.2026 16:09:34
  • Zuletzt bearbeitet 31.03.2026 20:58:48

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buff...

7.5

CVE-2025-70252

Exploit
  • EPSS 0.05%
  • Veröffentlicht 02.03.2026 00:00:00
  • Zuletzt bearbeitet 06.03.2026 21:04:07

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23_multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads ...

8.8

CVE-2025-12225

Exploit
  • EPSS 0.29%
  • Veröffentlicht 27.10.2025 05:02:06
  • Zuletzt bearbeitet 28.10.2025 02:21:08

A vulnerability has been found in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overf...

7.5

CVE-2025-60338

Exploit
  • EPSS 0.11%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 23.10.2025 17:15:39

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-60337

Exploit
  • EPSS 0.11%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 27.10.2025 16:15:41

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-60339

Exploit
  • EPSS 0.11%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 27.10.2025 16:15:41

Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters.

7.5

CVE-2025-60340

Exploit
  • EPSS 0.11%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 28.10.2025 16:15:38

Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters.

7.5

CVE-2025-60341

Exploit
  • EPSS 0.11%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 28.10.2025 16:15:38

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.