Filtered by vendor Tenda Subscriptions
Filtered by product Ac18 Firmware Subscriptions
Total 98 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-24170 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-28 9.8 Critical
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/fromSetWirelessRepeat.
CVE-2023-24169 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-28 9.8 Critical
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_0007343c.
CVE-2023-24167 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-28 9.8 Critical
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/add_white_node.
CVE-2023-24166 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-28 9.8 Critical
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/formWifiBasicSet.
CVE-2023-24165 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-28 9.8 Critical
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/initIpAddrInfo.
CVE-2023-24164 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-28 9.8 Critical
Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_000c2318.
CVE-2024-57582 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-22 9.8 Critical
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function.
CVE-2024-57579 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-20 9.8 Critical
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function.
CVE-2024-57581 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-18 9.8 Critical
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
CVE-2024-57580 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-18 9.8 Critical
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
CVE-2024-57578 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-17 5.7 Medium
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function.
CVE-2024-57577 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-17 5.7 Medium
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
CVE-2024-34974 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-17 8.2 High
Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter.
CVE-2024-28545 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-14 9.8 Critical
Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter of formsetUsbUnload function.
CVE-2024-28551 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-14 7.5 High
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the ssid parameter of form_fast_setting_wifi_set function.
CVE-2024-28547 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-13 6.5 Medium
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the firewallEn parameter of formSetFirewallCfg function.
CVE-2024-28537 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-13 9.8 Critical
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function.
CVE-2024-28550 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-13 4.3 Medium
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the filePath parameter of formExpandDlnaFile function.
CVE-2024-2546 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-11 8.8 High
A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-2485 1 Tenda 2 Ac18, Ac18 Firmware 2025-02-13 8.8 High
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256892. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.