Tenda: >> Ac18 Firmware Security Vulnerabilities
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256892. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-03-15
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-03-12
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-03-12
Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.
CVSS Score
9.8
EPSS Score
0.041
Published
2023-11-20
Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function.
CVSS Score
9.8
EPSS Score
0.021
Published
2023-05-05
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-01-26
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-01-26
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/formWifiBasicSet.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-01-26
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/add_white_node.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-01-26
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_0007343c.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-01-26