Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ac1206_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 39 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-10-12 | CVE-2022-42077 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | Ac1206_firmware | 6.5 | ||
| 2022-10-12 | CVE-2022-42078 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | Ac1206_firmware | 6.5 | ||
| 2022-10-12 | CVE-2022-42079 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via the function formWifiBasicSet. | Ac1206_firmware | 7.5 | ||
| 2022-10-12 | CVE-2022-42080 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter. | Ac1206_firmware | 7.5 | ||
| 2022-10-12 | CVE-2022-42081 | Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via sched_end_time parameter. | Ac1206_firmware | 7.5 | ||
| 2025-05-06 | CVE-2025-4298 | A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Ac1206_firmware | 9.8 | ||
| 2025-05-06 | CVE-2025-4299 | A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Ac1206_firmware | 9.8 | ||
| 2023-07-10 | CVE-2023-37712 | Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page parameter in the fromSetIpBind function. | Ac1206_firmware, F1202_firmware, Fh1202_firmware | 9.8 | ||
| 2022-08-25 | CVE-2022-37798 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer. | Ac1206_firmware | 9.8 | ||
| 2022-08-25 | CVE-2022-37799 | Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement. | Ac1206_firmware | 9.8 |