Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tenda Subscribe
Filtered by product Ac9 Firmware
Total 41 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36571 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 7.2 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
CVE-2022-36570 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 7.2 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.
CVE-2022-36569 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 8.8 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.
CVE-2022-36568 1 Tenda 2 Ac9, Ac9 Firmware 2022-09-02 N/A 8.8 HIGH
Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList.
CVE-2022-36273 1 Tenda 2 Ac9, Ac9 Firmware 2022-08-17 N/A 9.8 CRITICAL
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
CVE-2021-42659 1 Tenda 2 Ac9, Ac9 Firmware 2022-07-12 6.1 MEDIUM 6.5 MEDIUM
There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.
CVE-2022-28560 1 Tenda 2 Ac9, Ac9 Firmware 2022-05-11 10.0 HIGH 9.8 CRITICAL
There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload
CVE-2022-27022 1 Tenda 2 Ac9, Ac9 Firmware 2022-04-14 10.0 HIGH 9.8 CRITICAL
There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload.
CVE-2022-27016 1 Tenda 2 Ac9, Ac9 Firmware 2022-04-14 10.0 HIGH 9.8 CRITICAL
There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.
CVE-2022-26278 1 Tenda 2 Ac9, Ac9 Firmware 2022-04-04 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
CVE-2022-25440 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
CVE-2022-25438 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function.
CVE-2022-25437 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
CVE-2022-25429 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.
CVE-2022-25428 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.
CVE-2022-25441 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg function.
CVE-2022-25435 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.
CVE-2022-25439 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
CVE-2022-25431 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
CVE-2022-25427 1 Tenda 2 Ac9, Ac9 Firmware 2022-03-24 10.0 HIGH 9.8 CRITICAL
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.