Tenda

Ac6

41 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-8263

Exploit
  • EPSS 4.55%
  • Veröffentlicht 11.05.2026 02:16:28
  • Zuletzt bearbeitet 12.05.2026 19:41:18

A security flaw has been discovered in Tenda AC6 15.03.06.49_multi_TDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command...

9.8

CVE-2025-52221

Exploit
  • EPSS 0.39%
  • Veröffentlicht 08.04.2026 00:00:00
  • Zuletzt bearbeitet 13.04.2026 11:36:50

Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.

9

CVE-2026-4961

Exploit
  • EPSS 0.77%
  • Veröffentlicht 27.03.2026 16:09:39
  • Zuletzt bearbeitet 31.03.2026 16:26:10

A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack...

9

CVE-2026-4960

Exploit
  • EPSS 0.77%
  • Veröffentlicht 27.03.2026 16:09:34
  • Zuletzt bearbeitet 31.03.2026 20:58:48

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buff...

8.8

CVE-2025-12225

Exploit
  • EPSS 0.94%
  • Veröffentlicht 27.10.2025 05:02:06
  • Zuletzt bearbeitet 28.10.2025 02:21:08

A vulnerability has been found in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overf...

7.5

CVE-2025-60341

Exploit
  • EPSS 0.36%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 28.10.2025 16:15:38

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-60338

Exploit
  • EPSS 0.45%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 23.10.2025 17:15:39

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-60337

Exploit
  • EPSS 0.38%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 27.10.2025 16:15:41

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

7.5

CVE-2025-60339

Exploit
  • EPSS 0.37%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 27.10.2025 16:15:41

Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters.

7.5

CVE-2025-60340

Exploit
  • EPSS 0.37%
  • Veröffentlicht 22.10.2025 00:00:00
  • Zuletzt bearbeitet 28.10.2025 16:15:38

Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters.