📦 Ac15 Firmware
by Tenda
🔍 What is Ac15 Firmware?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
The Tenda AC15 router firmware exposes password hashes in authentication cookies and uses weak session identifiers, allowing attackers to steal and replay cookies for unauthorized access. This affects...
This CVE describes a command injection vulnerability in Tenda AC15 routers that allows remote attackers to execute arbitrary commands via crafted POST requests to the goform/SetIPTVCfg interface. Atta...
This CVE describes a stack-based buffer overflow vulnerability in the 'xkjs_ver32' function of Tenda AC15 routers. Attackers can exploit this to execute arbitrary code with root privileges, potentiall...
This CVE describes a stack-based buffer overflow vulnerability in the 'getIfIp' function of Tenda AC15 routers running firmware version V15.03.05.19. Attackers can exploit this to execute arbitrary co...
A stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by sending specially crafted requests to the affected function. This affects all use...
CVE-2023-30370 is a critical stack-based buffer overflow vulnerability in Tenda AC15 routers' GetValue function. Attackers can exploit this to execute arbitrary code with root privileges, potentially ...
This CVE describes a command injection vulnerability in Tenda AC15 routers that allows attackers to execute arbitrary commands on the device. When combined with CVE-2021-44971, it enables unconditiona...
A stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the wpapsk_crypto2_4g parameter in the /goform/TextEditingConversion...
A stack-based buffer overflow vulnerability exists in Tenda AC15 routers via the /goform/fast_setting_pppoe_set endpoint when manipulating the Password argument. This allows remote attackers to potent...
This vulnerability allows remote attackers to execute arbitrary code on Tenda AC15 routers via a stack-based buffer overflow in the SetDDNSCfg function. Attackers can exploit this without authenticati...
A buffer overflow vulnerability in Tenda AC9 and AC15 routers allows remote attackers to execute arbitrary code by sending specially crafted requests to the /goform/exeCommand endpoint. This affects d...
This vulnerability allows remote attackers to execute arbitrary code on Tenda AC15 routers via a stack overflow in the fromSetIpMacBind function. Attackers can exploit this by sending specially crafte...
A critical buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by sending specially crafted HTTP POST requests to the /goform/AdvSetLanip endpoint. Th...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by sending specially crafted HTTP POST requests to the /goform/SetRemoteWeb...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the 'mac' parameter in the formSetDevNetName function. This...
This critical vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the DLNA configuration function. Attackers can exploit this wit...
This CVE describes a stack overflow vulnerability in Tenda AC15 router firmware versions v15.03.20_multi, v15.03.05.19, and v15.03.05.18. The vulnerability exists in the fromWizardHandle function via ...
This CVE describes a command injection vulnerability in Tenda AC15 routers where an attacker can execute arbitrary commands via the deviceName parameter. This allows remote code execution on affected ...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the 'time' parameter in the fromSetSysTime function. This a...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the 'urls' parameter in the saveParentControlInfo function....
This CVE describes a critical stack-based buffer overflow vulnerability in Tenda AC15 routers. Attackers can remotely exploit this by manipulating the 'urls' parameter in the saveParentControlInfo fun...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the password parameter in the Cookie Handler. This affects ...
This critical vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the WiFi configuration function. Attackers can exploit this by ...
This critical vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the WPS configuration function. Attackers can exploit this to t...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the firewallEn parameter. This affects Tenda AC15 routers r...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the filePath parameter in the formExpandDlnaFile function. ...
A critical stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the speed_dir parameter in the formSetSpeedWan function. Th...
This vulnerability allows remote attackers to execute arbitrary operating system commands on Tenda AC9 and AC15 routers through command injection in the formexeCommand function. Attackers can exploit ...
This vulnerability in Tenda AC15 routers allows attackers to bypass firmware update authentication checks, potentially enabling malicious firmware installation. It affects users of Tenda AC15 routers ...
A stack-based buffer overflow vulnerability exists in Tenda AC15 routers version 15.03.05.19. Attackers can exploit this by sending specially crafted requests to the GetParentControlInfo endpoint, pot...
A null pointer dereference vulnerability in Tenda routers allows remote attackers to cause denial of service by manipulating the Content-Length argument in the websReadEvent function. This affects mul...