Lyc-heng/routers

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-42659 ↗	May 24, 2022Tuesday, 24 May 2022, 12:15	6.5 MEDIUM	6.1 MEDIUM
There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs.
CVE-2020-26728 ↗	Feb 11, 2022Friday, 11 February 2022, 19:15	9.8 CRITICAL	7.5 HIGH
A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code execution via shell metacharacters in the guestuser field to the __fastcall function with a POST request.
CVE-2020-22079 ↗	Oct 29, 2021Friday, 29 October 2021, 11:15	9.8 CRITICAL	7.5 HIGH
Stack-based buffer overflow in Tenda AC-10U AC1200 Router US_AC10UV1.0RTL_V15.03.06.48_multi_TDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg.
CVE-2021-31624 ↗	Oct 29, 2021Friday, 29 October 2021, 11:15	8.8 HIGH	5.8 MEDIUM
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter.
CVE-2021-31627 ↗	Oct 29, 2021Friday, 29 October 2021, 11:15	8.8 HIGH	5.8 MEDIUM
Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter.