Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ac9_firmware
(Tenda)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 73 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-03-28 | CVE-2022-26278 | Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. | Ac9_firmware | 9.8 | ||
| 2022-04-07 | CVE-2022-27016 | There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn. | Ac9_firmware | 9.8 | ||
| 2022-04-07 | CVE-2022-27022 | There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload. | Ac9_firmware | 9.8 | ||
| 2022-05-03 | CVE-2022-28560 | There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | Ac9_firmware | 9.8 | ||
| 2022-05-24 | CVE-2021-42659 | There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. | Ac9_firmware | 6.5 | ||
| 2022-08-16 | CVE-2022-36273 | Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. | Ac9_firmware | 9.8 | ||
| 2022-08-31 | CVE-2022-36568 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList. | Ac9_firmware | 8.8 | ||
| 2022-08-31 | CVE-2022-36569 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg. | Ac9_firmware | 8.8 | ||
| 2022-08-31 | CVE-2022-36570 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg. | Ac9_firmware | 7.2 | ||
| 2022-08-31 | CVE-2022-36571 | Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting. | Ac9_firmware | 7.2 |