Every CVE whose affected-product data names Tenda Ac1206 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (44)
CVE-2022-37808 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB.
CVE-2022-37799 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement.
CVE-2022-37800 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic.
CVE-2022-37801 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
CVE-2022-37802 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting.
CVE-2022-37803 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromAddressNat.
CVE-2022-37804 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo.
CVE-2022-37806 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromDhcpListClient.
CVE-2022-37798 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer.
CVE-2022-37809 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan.
CVE-2022-37810 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
CVE-2022-37811 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer.
CVE-2022-37812 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg.
CVE-2022-37814 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function…
CVE-2022-37815 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the PPPOEPassword parameter in the function formQuickIndex.
CVE-2023-37710 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the wpapsk_crypto parameter in the…
CVE-2023-37711 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23 and AC10 V15.03.06.47 were discovered to contain a stack overflow in the deviceId parameter in the…
CVE-2023-37712 — CVSS 9.8 (critical): Tenda AC1206 V15.03.06.23, F1202 V1.2.0.20(408), and FH1202 V1.2.0.20(408) were discovered to contain a stack overflow in the page…
CVE-2023-37716 — CVSS 9.8 (critical): Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to…
CVE-2023-37717 — CVSS 9.8 (critical): Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to…
CVE-2025-10432 — CVSS 9.8 (critical): A vulnerability was found in Tenda AC1206 15.03.06.23. This vulnerability affects the function check_param_changed of the file…
CVE-2025-9523 — CVSS 9.8 (critical): A vulnerability was detected in Tenda AC1206 15.03.06.23. Affected is the function GetParentControlInfo of the file /goform/GetParentControl…
CVE-2025-3328 — CVSS 8.8 (high): A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_s…
CVE-2025-4299 — CVSS 8.8 (high): A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of…
CVE-2025-7544 — CVSS 8.8 (high): A vulnerability was found in Tenda AC1206 15.03.06.23. It has been rated as critical. This issue affects the function formSetMacFilterCfg…
CVE-2024-10434 — CVSS 8.8 (high): A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function…
CVE-2025-4298 — CVSS 8.8 (high): A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function…
CVE-2022-42081 — CVSS 7.5 (high): Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via sched_end_time parameter.
CVE-2022-42079 — CVSS 7.5 (high): Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via the function formWifiBasicSet.
CVE-2022-42080 — CVSS 7.5 (high): Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter.
CVE-2024-10280 — CVSS 6.5 (medium): A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as…
CVE-2022-42077 — CVSS 6.5 (medium): Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
CVE-2022-42078 — CVSS 6.5 (medium): Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.
CVE-2026-0581 — CVSS 6.3 (medium): A vulnerability was determined in Tenda AC1206 15.03.06.23. Affected by this issue is the function formBehaviorManager of the file…
CVE-2024-9793 — CVSS 6.3 (medium): A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function…