Shodan
Vulnerabilities
Vulnerable Software
Tenda:  >> Ac9 Firmware  Security Vulnerabilities
CVE-2022-36273
Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.
CVSS Score
9.8
EPSS Score
0.184
Published
2022-08-16
CVE-2021-42659
There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-05-24
CVE-2022-28560
There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload
CVSS Score
9.8
EPSS Score
0.004
Published
2022-05-03
CVE-2022-27022
There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-04-07
CVE-2022-27016
There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-04-07
CVE-2022-26278
Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-03-28
CVE-2022-25431
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband function.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-03-18
CVE-2022-25433
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-03-18
CVE-2022-25434
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.
CVSS Score
9.8
EPSS Score
0.025
Published
2022-03-18
CVE-2022-25435
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-03-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved