Tenda: >> A18 Firmware Security Vulnerabilities
A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-30
Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.
CVSS Score
8.8
EPSS Score
0.003
Published
2024-04-17
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-01-09
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-14
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-14
Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-14
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-08
An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-12-08