Vulnerabilities (CVE)

Filtered by vendor Tenda Subscribe
Filtered by product Ac9 Firmware
Total 92 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-6016 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.
CVE-2026-6015 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-2192 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 8.3 HIGH 7.2 HIGH
A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
CVE-2026-2191 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 8.3 HIGH 7.2 HIGH
A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2025-9731 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 1.0 LOW 2.5 LOW
A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized.
CVE-2025-5900 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 5.0 MEDIUM 4.3 MEDIUM
A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5847 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5839 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument lanMask leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5836 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 6.5 MEDIUM 6.3 MEDIUM
A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-57639 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 6.5 MEDIUM
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file.
CVE-2025-57638 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 7.5 HIGH
Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.
CVE-2025-45429 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.
CVE-2025-45428 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2025-45427 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform/WifiBasicSet has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2025-45042 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.
CVE-2025-44877 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formSetSambaConf function via the usbname parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2025-44872 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2025-29387 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 7.1 HIGH
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2025-29386 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2025-29385 1 Tenda 2 Ac9, Ac9 Firmware 2026-06-17 N/A 9.8 CRITICAL
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.