Tenda Ac15 vulnerabilities

CVE-2024-2852 [HIGH] CWE-121 CVE-2024-2852: A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulne A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public a

CVE-2024-2851 [MEDIUM] CWE-78 CVE-2024-2851: A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critic A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may b

CVE-2024-2855 [HIGH] CWE-121 CVE-2024-2855: A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Aff A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Affected by this vulnerability is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and

CVE-2024-2810 [HIGH] CWE-121 CVE-2024-2810: A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and

CVE-2024-2807 [HIGH] CWE-121 CVE-2024-2807: A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vuln A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vulnerability affects the function formExpandDlnaFile of the file /goform/expandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and ma

CVE-2024-2814 [HIGH] CWE-121 CVE-2024-2814: A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue af A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The i

CVE-2024-2809 [HIGH] CWE-121 CVE-2024-2809: A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_mult A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public

CVE-2024-2806 [HIGH] CWE-121 CVE-2024-2806: A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This A vulnerability classified as critical has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This affects the function addWifiMacFilter of the file /goform/addWifiMacFilter. The manipulation of the argument deviceId/deviceMac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the pu

CVE-2024-2808 [HIGH] CWE-121 CVE-2024-2808: A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20 A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public

CVE-2024-2811 [HIGH] CWE-121 CVE-2024-2811: A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257

CVE-2024-2815 [HIGH] CWE-121 CVE-2024-2815: A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to

CVE-2024-2813 [HIGH] CWE-121 CVE-2024-2813: A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulne A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the pub

CVE-2024-2805 [HIGH] CWE-121 CVE-2024-2805: A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been rated as critical. A A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been rated as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and m

CVE-2024-2812 [MEDIUM] CWE-78 CVE-2024-2812: A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critic A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use

CVE-2024-2816 [MEDIUM] CWE-352 CVE-2024-2816: A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vuln A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identi

CVE-2024-2817 [MEDIUM] CWE-352 CVE-2024-2817: A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affe A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The