Tenda Ac18 vulnerabilities

30 known vulnerabilities affecting tenda/ac18.

Total CVEs
30
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH24MEDIUM5

Vulnerabilities

Page 2 of 2
CVE-2024-2546HIGHCVSS 8.8v15.13.07.092024-03-17
CVE-2024-2546 [HIGH] CWE-121 CVE-2024-2546: A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by thi A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated
cvelistv5nvd
CVE-2024-2547HIGHCVSS 8.8v15.03.05.052024-03-17
CVE-2024-2547 [HIGH] CWE-121 CVE-2024-2547: A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this iss A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerabili
cvelistv5nvd
CVE-2024-2560MEDIUMCVSS 4.3v15.03.05.052024-03-17
CVE-2024-2560 [MEDIUM] CWE-352 CVE-2024-2560: A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vuln A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associate
cvelistv5nvd
CVE-2024-2559MEDIUMCVSS 6.5v15.03.05.052024-03-17
CVE-2024-2559 [MEDIUM] CWE-352 CVE-2024-2559: A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257058 is the identifier a
cvelistv5nvd
CVE-2024-2487HIGHCVSS 8.8v15.03.05.052024-03-15
CVE-2024-2487 [HIGH] CWE-121 CVE-2024-2487: A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerab A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName/mac leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and ma
cvelistv5nvd
CVE-2024-2486HIGHCVSS 8.8v15.03.05.052024-03-15
CVE-2024-2486 [HIGH] CWE-121 CVE-2024-2486: A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affect A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used
cvelistv5nvd
CVE-2024-2488HIGHCVSS 8.8v15.03.05.052024-03-15
CVE-2024-2488 [HIGH] CWE-121 CVE-2024-2488: A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affec A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIP leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The
cvelistv5nvd
CVE-2024-2489HIGHCVSS 8.8v15.03.05.052024-03-15
CVE-2024-2489 [HIGH] CWE-121 CVE-2024-2489: A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the fun A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identif
cvelistv5nvd
CVE-2024-2485HIGHCVSS 8.8v15.03.05.052024-03-15
CVE-2024-2485 [HIGH] CWE-121 CVE-2024-2485: A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this iss A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The ide
cvelistv5nvd
CVE-2024-2490HIGHCVSS 8.8v15.03.05.052024-03-15
CVE-2024-2490 [HIGH] CWE-121 CVE-2024-2490: A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnera A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and
cvelistv5nvd
← Previous2 / 2