Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ac15_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 61 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-06-08 | CVE-2025-5849 | A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | Ac15_firmware | 8.8 | ||
| 2025-06-08 | CVE-2025-5848 | A vulnerability was found in Tenda AC15 15.03.05.19_multi and classified as critical. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. The manipulation of the argument list leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | Ac15_firmware | 8.8 | ||
| 2025-06-08 | CVE-2025-5850 | A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Ac15_firmware | 8.8 | ||
| 2025-06-09 | CVE-2025-5851 | A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been rated as critical. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip of the component HTTP POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Ac15_firmware | 8.8 | ||
| 2022-09-23 | CVE-2022-40851 | Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. | Ac15_firmware | 9.8 | ||
| 2022-10-18 | CVE-2022-43259 | Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. | Ac15_firmware | 7.5 | ||
| 2022-11-21 | CVE-2022-44167 | Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer. | Ac15_firmware | 7.5 | ||
| 2022-11-21 | CVE-2022-44168 | Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function fromSetRouteStatic.. | Ac15_firmware | 7.5 | ||
| 2022-11-21 | CVE-2022-44169 | Tenda AC15 V15.03.05.18 is vulnerable to Buffer Overflow via function formSetVirtualSer. | Ac15_firmware | 7.5 | ||
| 2022-11-21 | CVE-2022-44156 | Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind. | Ac15_firmware | 7.5 |