Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Tenda Subscribe
Filtered by product Ac18

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-38823 1 Tenda 8 Ac18, Ac18 Firmware, Ac19 and 5 more 2023-11-28 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
CVE-2022-30476 1 Tenda 2 Ac18, Ac18 Firmware 2022-06-03 7.5 HIGH 9.8 CRITICAL
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request.
CVE-2022-30474 1 Tenda 2 Ac18, Ac18 Firmware 2022-06-03 7.5 HIGH 9.8 CRITICAL
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request.
CVE-2022-30472 1 Tenda 2 Ac18, Ac18 Firmware 2022-06-03 7.5 HIGH 9.8 CRITICAL
Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat
CVE-2022-30477 1 Tenda 2 Ac18, Ac18 Firmware 2022-06-03 7.5 HIGH 9.8 CRITICAL
Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request.
CVE-2018-18728 1 Tenda 6 Ac15, Ac15 Firmware, Ac18 and 3 more 2019-10-03 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request.
CVE-2018-18729 1 Tenda 10 Ac10, Ac10 Firmware, Ac15 and 7 more 2019-10-03 9.0 HIGH 9.8 CRITICAL
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server -- httpd. While processing the 'mac' parameter for a post request, the value is directly used in a strcpy to a variable placed on the heap, which can leak sensitive information or even hijack program control flow.