GCVE - cpe:2.3:h:tendacn:ac10:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:tendacn:ac10:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Tendacn (`911f347d-94dc-5fe9-b545-6a7f771d2f53`)
Product	Ac10 (`a803f5a7-288c-5ca8-aba5-d302dc3a275c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-26243`	not_vulnerable	2026-06-03 14:46:41.818199	Details available Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function. Published: 2022-03-23T18:57:15.000Z Updated: 2024-08-03T04:56:37.936Z Open on db.gcve.eu Reference links https://noob3xploiter.medium.com/hacking-the-tenda-ac10-1200-router-part-4-sscanf-buffer-overflow-75ae0e06abb6	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38772`	not_vulnerable	2026-06-03 14:45:07.967803	Details available Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. Published: 2022-03-23T18:57:11.000Z Updated: 2024-08-04T01:51:20.057Z Open on db.gcve.eu Reference links https://noob3xploiter.medium.com/hacking-the-tenda-ac10-1200-router-part-3-yet-another-buffer-overflow-4eb322f64823	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-38278`	not_vulnerable	2026-06-03 14:45:01.692840	Details available Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function. Published: 2022-03-23T18:57:10.000Z Updated: 2024-08-04T01:37:16.409Z Open on db.gcve.eu Reference links https://noob3xploiter.medium.com/hacking-the-tenda-ac10-1200-router-part-2-strcpy-buffer-overflow-92cd88e1d503	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16334`	not_vulnerable	2026-06-03 14:38:20.344395	Details available An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection. Published: 2018-09-02T03:00:00.000Z Updated: 2024-08-05T10:24:32.306Z Open on db.gcve.eu Reference links https://github.com/zsjevilhex/iot/blob/master/route/tenda/tenda-04/tenda.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-16333`	not_vulnerable	2026-06-03 14:38:20.341264	Details available An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. Published: 2018-09-02T03:00:00.000Z Updated: 2024-08-05T10:24:31.599Z Open on db.gcve.eu Reference links https://github.com/ZIllR0/Routers/blob/master/Tenda/oob1.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-14492`	not_vulnerable	2026-06-03 14:38:12.144215	Details available Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI. Published: 2018-07-21T12:00:00.000Z Updated: 2024-09-16T18:18:05.077Z Open on db.gcve.eu Reference links https://github.com/ZIllR0/Routers/blob/master/Tendaoob1.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.