Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ac6_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 54 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-18 | CVE-2022-25458 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function. | Ac6_firmware | 9.8 | ||
| 2022-03-18 | CVE-2022-25459 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function. | Ac6_firmware | 9.8 | ||
| 2022-03-18 | CVE-2022-25460 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function. | Ac6_firmware | 9.8 | ||
| 2022-03-18 | CVE-2022-25461 | Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function. | Ac6_firmware | 9.8 | ||
| 2022-10-13 | CVE-2022-41485 | Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | Ac6_firmware, Ac6v2\.0_firmware | 7.5 | ||
| 2022-12-01 | CVE-2022-45640 | Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local). | Ac6_firmware | 7.5 | ||
| 2022-12-02 | CVE-2022-45673 | Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | Ac6_firmware | 6.5 | ||
| 2022-12-02 | CVE-2022-45674 | Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | Ac6_firmware | 6.5 | ||
| 2022-12-02 | CVE-2022-45641 | Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg. | Ac6_firmware | 7.5 | ||
| 2023-05-27 | CVE-2023-2923 | A vulnerability classified as critical was found in Tenda AC6 US_AC6V1.0BR_V15.03.05.19. Affected by this vulnerability is the function fromDhcpListClient. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-230077 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | Ac6_firmware | 9.8 |