Filtered by vendor Tenda Subscriptions
Filtered by product Ac6 Subscriptions

Search

Switch to Advanced Search (Beta)
Total 59 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-24332 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-25 8.1 High
A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.
CVE-2025-0349 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-22 8.8 High
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
CVE-2023-40830 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-19 9.8 Critical
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.
CVE-2025-29031 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-19 9.8 Critical
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
CVE-2025-29030 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-19 9.8 Critical
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
CVE-2025-29029 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-18 9.8 Critical
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
CVE-2025-25343 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-05 9.8 Critical
Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function.
CVE-2023-26976 1 Tenda 2 Ac6, Ac6 Firmware 2025-02-13 7.5 High
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.
CVE-2022-40010 1 Tenda 2 Ac6, Ac6 Firmware 2024-12-05 5.4 Medium
Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.
CVE-2023-40848 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."
CVE-2023-40847 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.
CVE-2023-40846 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.
CVE-2023-40845 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.
CVE-2023-40844 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'
CVE-2023-40843 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."
CVE-2023-40842 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."
CVE-2023-40841 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"
CVE-2023-40840 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."
CVE-2023-40839 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands.
CVE-2023-40838 1 Tenda 2 Ac6, Ac6 Firmware 2024-11-21 9.8 Critical
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command execution vulnerability.