cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-0349,https://securityvulnerability.io/vulnerability/CVE-2025-0349,Stack-based Buffer Overflow in Tenda AC6 by Tenda,"A vulnerability exists in Tenda AC6 15.03.05.16 that allows for a stack-based buffer overflow through the GetParentControlInfo function located in /goform/GetParentControlInfo. Manipulating the 'src' argument could enable remote attackers to exploit the vulnerability, potentially affecting additional parameters. This issue has been publicly disclosed, raising significant concerns regarding its exploitability.",Tenda,Ac6,8.7,HIGH,0.00044999999227002263,false,,false,false,true,2025-01-09T10:31:07.000Z,true,false,false,,2025-01-09T10:31:07.078Z,0
CVE-2024-52714,https://securityvulnerability.io/vulnerability/CVE-2024-52714,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 v2.0, specifically version v15.03.06.50, is susceptible to a buffer overflow vulnerability within the 'fromSetSysTime' function. This flaw can potentially lead to unauthorized access, data corruption, or system crashes, highlighting the need for immediate attention and remediation. Users of Tenda AC6 should prioritize applying security patches and updates to mitigate the associated risks.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0012400000123307109,false,,false,false,false,,,false,false,,2024-11-19T19:15:00.000Z,0
CVE-2024-10698,https://securityvulnerability.io/vulnerability/CVE-2024-10698,Stack-Based Buffer Overflow in Tenda AC6 Router's Device Name Setting Function,"A serious vulnerability has been detected in the Tenda AC6 router, specifically in the function responsible for setting the device name, located within the /goform/SetOnlineDevName file. This flaw arises from a stack-based buffer overflow, which can be triggered by manipulating the devName argument. This vulnerability is particularly alarming as it can be exploited remotely, allowing an attacker to execute arbitrary code and potentially take control of the device. Users of the affected version, v15.03.05.19, should take immediate steps to secure their network, as the details of this exploit have been publicly disclosed and could be leveraged for attacks.",Tenda,Ac6,9.8,CRITICAL,0.0008999999845400453,false,,false,false,true,2024-11-02T13:31:07.000Z,true,false,false,,2024-11-02T13:31:07.358Z,0
CVE-2024-10697,https://securityvulnerability.io/vulnerability/CVE-2024-10697,Command Injection Vulnerability in Tenda AC6 Router Software,"A severe security flaw exists within the Tenda AC6 router's API endpoint, particularly in the function formWriteFacMac located at /goform/WriteFacMac. This vulnerability allows attackers to carry out command injection attacks. By manipulating specific input parameters, an unauthorized user can execute arbitrary commands on the affected device, potentially compromising its integrity. The vulnerability can be exploited remotely, making it accessible without physical access to the device. It is crucial for users of Tenda AC6 routers, especially version 15.03.05.19, to be aware of this risk and implement necessary security measures to safeguard their networks.",Tenda,Ac6,9.8,CRITICAL,0.0006300000241026282,false,,false,false,true,2024-11-02T12:00:08.000Z,true,false,false,,2024-11-02T12:00:08.397Z,0
CVE-2023-38823,https://securityvulnerability.io/vulnerability/CVE-2023-38823,Buffer Overflow Vulnerability in Tenda AC Series Routers,"A vulnerability exists in Tenda AC19 v.1.0, AC18, AC9 v.1.0, and AC6 v.2.0 and v.1.0 routers that allows remote attackers to execute arbitrary code. This buffer overflow issue arises from the improper handling of input in the formSetCfm function within the bin/httpd component, potentially giving attackers unauthorized access to the device. This flaw emphasizes the importance of securing network devices from remote exploitation risks.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0057299998588860035,false,,false,false,false,,,false,false,,2023-11-20T00:00:00.000Z,0
CVE-2023-40830,https://securityvulnerability.io/vulnerability/CVE-2023-40830,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 Router, specifically version 15.03.05.19, is susceptible to a buffer overflow vulnerability due to improper length verification of the Index parameter. This oversight allows attackers to exploit the buffer overflow condition, potentially leading to unauthorized access or degradation of system functionality. Users and administrators should take immediate precautions to mitigate risks associated with this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002400000113993883,false,,false,false,false,,,false,false,,2023-10-03T00:00:00.000Z,0
CVE-2021-40546,https://securityvulnerability.io/vulnerability/CVE-2021-40546,Denial of Service Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is susceptible to a Denial of Service (DoS) condition due to an improperly validated parameter in the device's firmware. If an attacker, having access to the administrator password, sends an excessively long string to the 'wifiPwd_5G' parameter through the /goform/setWifi interface, it can lead to a device crash, rendering the router temporarily unusable. This vulnerability can be exploited to significantly disrupt network services, emphasizing the importance of safeguarding administrator credentials and promptly updating firmware.",Tenda,Ac6 Firmware,4.9,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2023-09-05T00:00:00.000Z,0
CVE-2023-40839,https://securityvulnerability.io/vulnerability/CVE-2023-40839,Command Execution Issue in Tenda AC6 Router by Tenda,"The Tenda AC6 router is affected by a command execution vulnerability present in the 'formSetIptv' function. This vulnerability arises from the improper handling of input parameters, specifically 'list' and 'vlanId'. These parameters are passed unfiltered into the 'sub_ADF3C' function, which allows attackers to execute arbitrary commands remotely. This represents a significant security risk, potentially compromising the integrity and security of affected devices.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002369999885559082,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40841,https://securityvulnerability.io/vulnerability/CVE-2023-40841,Buffer Overflow Vulnerability in Tenda AC6 Router by Tenda,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability found in the 'add_white_node' function. This flaw can be exploited by an attacker to execute arbitrary code, potentially compromising the router's integrity and allowing unauthorized access to network resources. It is essential for users of this device to apply necessary security patches and adhere to best practices to safeguard their network.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40845,https://securityvulnerability.io/vulnerability/CVE-2023-40845,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router's firmware is exposed to a buffer overflow vulnerability due to improper handling of user-supplied input in the function 'sub_34FD0'. This lack of length checks allows attackers to exploit the vulnerability, potentially leading to arbitrary code execution and a compromise of the system. Administrators are encouraged to review their firmware versions and apply necessary patches to mitigate this risk.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40847,https://securityvulnerability.io/vulnerability/CVE-2023-40847,Buffer Overflow Vulnerability in Tenda AC6 by Tenda,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability in the 'initIpAddrInfo' function. This issue occurs due to improper validation of user input; a parameter is passed without any length check, allowing potential attackers to exploit this flaw. Such exploitation may lead to unauthorized code execution or denial of service, posing significant risks to network security. It is essential for users of affected versions to apply necessary mitigations promptly.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40837,https://securityvulnerability.io/vulnerability/CVE-2023-40837,Command Execution Vulnerability in Tenda AC6 Product by Tenda,"The Tenda AC6 product is susceptible to a command execution vulnerability found in the 'sub_ADD50' function of the firmware. This vulnerability arises when the 'formSetIptv' function does not properly validate the 'list' and 'vlanId' parameters, allowing an attacker to exploit this flaw by injecting malicious commands. Such exploitation could lead to unauthorized execution of commands on the device, compromising its integrity and potentially impacting the user's network security.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002369999885559082,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40840,https://securityvulnerability.io/vulnerability/CVE-2023-40840,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability within the function 'fromGetWirelessRepeat.' This issue can allow an attacker to exploit the overflow, potentially compromising the router's functionality and security. Users of affected firmware should apply necessary updates or patches to ensure their devices remain secure against potential exploitation.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40838,https://securityvulnerability.io/vulnerability/CVE-2023-40838,Command Execution Vulnerability in Tenda AC6 Router,"The Tenda AC6 router contains a vulnerability in the specific function 'sub_3A1D0,' which allows for the execution of arbitrary commands through crafted input. This weakness could be exploited by attackers to execute malicious code remotely, potentially compromising the device and the network it is connected to. Users are advised to update their firmware and implement robust security measures to mitigate the risks associated with this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.004720000084489584,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40848,https://securityvulnerability.io/vulnerability/CVE-2023-40848,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is vulnerable to a buffer overflow in the function 'sub_7D858', which could allow an attacker to exploit the device. This flaw could potentially lead to unauthorized access or execution of arbitrary code, compromising the integrity of the router's operations and the network it serves. Users are advised to monitor their devices closely and look for firmware updates that address this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40842,https://securityvulnerability.io/vulnerability/CVE-2023-40842,Buffer Overflow Vulnerability in Tenda AC6 Routers,"The Tenda AC6 router is affected by a buffer overflow vulnerability through the 'R7WebsSecurityHandler' function. This vulnerability can potentially allow attackers to execute arbitrary code and take control of the affected system, posing a significant security threat to users. It is essential for users to secure their devices by applying the latest firmware updates and implementing robust security measures.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40844,https://securityvulnerability.io/vulnerability/CVE-2023-40844,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router is susceptible to a buffer overflow vulnerability through the 'formWifiBasicSet' function. An attacker could exploit this vulnerability to execute arbitrary code, potentially compromising the integrity and security of the device. It's crucial for users to be aware of this risk and take necessary precautions to mitigate potential exploit attempts.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40843,https://securityvulnerability.io/vulnerability/CVE-2023-40843,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router firmware contains a buffer overflow vulnerability within the function 'sub_73004', which may allow attackers to execute arbitrary code or manipulate the device's operation. As a result, users of the Tenda AC6 router should consider applying necessary patches or updates to protect their networks from potential exploitation.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0018400000408291817,false,,false,false,false,,,false,false,,2023-08-30T00:00:00.000Z,0
CVE-2023-40846,https://securityvulnerability.io/vulnerability/CVE-2023-40846,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router, specifically the firmware version US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin, is susceptible to a buffer overflow vulnerability. This issue arises when the function sub_90998 is called, allowing attackers to execute arbitrary code, potentially compromising the device's functionality and security. Users are advised to monitor their devices and apply security patches to mitigate the risks associated with this vulnerability.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.0017999999690800905,false,,false,false,false,,,false,false,,2023-08-28T00:00:00.000Z,0
CVE-2023-39670,https://securityvulnerability.io/vulnerability/CVE-2023-39670,Buffer Overflow Vulnerability in Tenda AC6 Router,"The Tenda AC6 router version _US_AC6V1.0BR_V15.03.05.16 has been identified with a buffer overflow vulnerability due to improper handling of user inputs in the fgets function. This flaw could potentially allow attackers to perform unauthorized actions, leading to system instability or exploitation. It is crucial for users to apply patches or updates provided by Tenda to mitigate this risk.",Tenda,Ac6 Firmware,9.8,CRITICAL,0.002689999993890524,false,,false,false,false,,,false,false,,2023-08-18T03:15:00.000Z,0
CVE-2022-40010,https://securityvulnerability.io/vulnerability/CVE-2022-40010,Cross-Site Scripting Vulnerability in Tenda AC6 AC1200 Smart Dual-Band WiFi Router,"The Tenda AC6 AC1200 Smart Dual-Band WiFi Router version 15.03.06.50_multi features a cross-site scripting vulnerability that can be exploited through the 'deviceId' parameter within the Parental Control module. This flaw could allow an attacker to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized actions within the user’s session.",Tenda,Ac6 Firmware,5.4,MEDIUM,0.0006799999973736703,false,,false,false,false,,,false,false,,2023-06-26T00:00:00.000Z,0
CVE-2023-2923,https://securityvulnerability.io/vulnerability/CVE-2023-2923,Tenda AC6 fromDhcpListClient stack-based overflow,"A stack-based buffer overflow vulnerability has been identified in the Tenda AC6 Router, specifically in the function fromDhcpListClient. This vulnerability can be exploited remotely, potentially allowing an attacker to manipulate the router's functionality by providing crafted input. The exploit has been publicly disclosed, raising concerns for users of the affected firmware version (US_AC6V1.0BR_V15.03.05.19). Initial outreach to the vendor regarding this vulnerability went unanswered, which emphasizes the urgency for users to take necessary precautions.",Tenda,AC6,9.8,CRITICAL,0.004780000075697899,false,,false,false,false,,,false,false,,2023-05-27T08:15:00.000Z,0
CVE-2023-26976,https://securityvulnerability.io/vulnerability/CVE-2023-26976,Stack Overflow Vulnerability in Tenda AC6 Routers,"A stack overflow vulnerability exists in Tenda AC6 routers due to improper handling of the ssid parameter within the form_fast_setting_wifi_set function. This flaw could allow an attacker to exploit the vulnerable components of the router, potentially leading to unauthorized access and the execution of arbitrary code. Users are urged to check their firmware and apply any available patches to mitigate the risk posed by this vulnerability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0008900000248104334,false,,false,false,true,2023-04-11T11:02:48.000Z,true,false,false,,2023-04-04T02:15:00.000Z,0
CVE-2022-45653,https://securityvulnerability.io/vulnerability/CVE-2022-45653,Buffer Overflow in Tenda AC6 Router by Tenda,"A buffer overflow vulnerability has been identified in the Tenda AC6 V1.0 router, specifically within the fromNatStaticSetting function. This vulnerability occurs when handling the page parameter, potentially allowing an attacker to exploit the overflow and execute arbitrary code. Proper validation and sanitation of user inputs are essential for mitigating this security risk. Users of the affected firmware version are advised to consider updates or alternative configurations to safeguard their networks.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0
CVE-2022-45655,https://securityvulnerability.io/vulnerability/CVE-2022-45655,Buffer Overflow Vulnerability in Tenda AC6 from Tenda Technology,"A buffer overflow vulnerability exists in Tenda AC6 V1.0 V15.03.05.19 caused by improper handling of the timeZone parameter within the form_fast_setting_wifi_set function. This flaw can be exploited by malicious actors to manipulate memory, potentially leading to unauthorized access or resultant system instability.",Tenda,Ac6 Firmware,7.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-12-02T00:00:00.000Z,0