GCVE - cpe:2.3:h:tendacn:ac9:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:tendacn:ac9:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Tendacn (`911f347d-94dc-5fe9-b545-6a7f771d2f53`)
Product	Ac9 (`397107bd-de9e-5ff5-8fe4-a8bec173f6dc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-36233`	not_vulnerable	2026-06-03 14:47:39.549242	Details available Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd. Published: 2022-08-19T21:31:12.000Z Updated: 2024-08-03T10:00:04.233Z Open on db.gcve.eu Reference links http://tenda.com https://www.cnblogs.com/Amalll/p/16606980.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16334`	not_vulnerable	2026-06-03 14:38:20.344441	Details available An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection. Published: 2018-09-02T03:00:00.000Z Updated: 2024-08-05T10:24:32.306Z Open on db.gcve.eu Reference links https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-04/tenda.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16333`	not_vulnerable	2026-06-03 14:38:20.342215	Details available An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. Published: 2018-09-02T03:00:00.000Z Updated: 2024-08-05T10:24:31.599Z Open on db.gcve.eu Reference links https://github.com/ZIllR0/Routers/blob/master/Tenda/oob1.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-14492`	not_vulnerable	2026-06-03 14:38:12.142870	Details available Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI. Published: 2018-07-21T12:00:00.000Z Updated: 2024-09-16T18:18:05.077Z Open on db.gcve.eu Reference links https://github.com/ZIllR0/Routers/blob/master/Tendaoob1.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.