Every CVE whose affected-product data names Tenda Ac23 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2022-43101 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
CVE-2022-43102 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function.
CVE-2022-43103 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the list parameter in the formSetQosBand function.
CVE-2022-43104 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.
CVE-2022-43105 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.
CVE-2022-43106 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function.
CVE-2022-43107 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.
CVE-2022-43108 — CVSS 9.8 (critical): Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
CVE-2025-9605 — CVSS 9.8 (critical): A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file…
CVE-2025-8060 — CVSS 8.8 (high): A vulnerability has been found in Tenda AC23 16.03.07.52 and classified as critical. Affected by this vulnerability is the function…
CVE-2023-40797 — CVSS 8.8 (high): In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a…
CVE-2023-40798 — CVSS 8.8 (high): In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting…
CVE-2026-0640 — CVSS 8.8 (high): A weakness has been identified in Tenda AC23 16.03.07.52. This affects the function sscanf of the file /goform/PowerSaveSet. Executing a…
CVE-2023-40800 — CVSS 8.8 (high): The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow…
CVE-2026-1420 — CVSS 8.8 (high): A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of…
CVE-2025-10803 — CVSS 8.8 (high): A vulnerability has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file…
CVE-2025-11356 — CVSS 8.8 (high): A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteC…
CVE-2025-12595 — CVSS 8.8 (high): A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCf…
CVE-2025-12596 — CVSS 8.8 (high): A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file…
CVE-2025-15216 — CVSS 8.8 (high): A vulnerability was identified in Tenda AC23 16.03.07.52. This impacts the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such…
CVE-2025-15217 — CVSS 8.8 (high): A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST…
CVE-2023-24334 — CVSS 8.0 (high): A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary…
CVE-2023-0782 — CVSS 7.2 (high): A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function…
CVE-2023-2649 — CVSS 7.2 (high): A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been declared as critical. This vulnerability affects unknown code of the…
CVE-2025-3167 — CVSS 6.5 (medium): A vulnerability, which was classified as problematic, has been found in Tenda AC23 16.03.07.52. This issue affects some unknown processing…
CVE-2023-40802 — CVSS 6.5 (medium): The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow…