Ac6_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Ac6_firmware
(Tenda)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	64

Date	Id	Summary	Products	Score	Patch	Annotated
2023-08-30	CVE-2023-40839	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command execution vulnerability. In the "formSetIptv" function, obtaining the "list" and "vlanId" fields, unfiltered passing these two fields as parameters to the "sub_ADF3C" function to execute commands.	Ac6_firmware	9.8
2023-08-30	CVE-2023-40840	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "fromGetWirelessRepeat."	Ac6_firmware	9.8
2023-08-30	CVE-2023-40841	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "add_white_node,"	Ac6_firmware	9.8
2023-08-30	CVE-2023-40842	Tengda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "R7WebsSecurityHandler."	Ac6_firmware	9.8
2023-08-30	CVE-2023-40843	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function "sub_73004."	Ac6_firmware	9.8
2023-08-30	CVE-2023-40844	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'formWifiBasicSet.'	Ac6_firmware	9.8
2023-08-30	CVE-2023-40847	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "initIpAddrInfo." In the function, it reads in a user-provided parameter, and the variable is passed to the function without any length check.	Ac6_firmware	9.8
2023-08-30	CVE-2023-40845	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function 'sub_34FD0.' In the function, it reads user provided parameters and passes variables to the function without any length checks.	Ac6_firmware	9.8
2023-08-30	CVE-2023-40848	Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via the function "sub_7D858."	Ac6_firmware	9.8
2023-09-05	CVE-2021-40546	Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.	Ac6_firmware	4.9