Every CVE whose affected-product data names Tenda Ac9 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (92)
CVE-2025-22946 — CVSS 9.8 (critical): Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote…
CVE-2022-25440 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function.
CVE-2022-25441 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the vlanid parameter in the SetIPTVCfg…
CVE-2022-26278 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.
CVE-2022-27016 — CVSS 9.8 (critical): There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn.
CVE-2022-27022 — CVSS 9.8 (critical): There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can…
CVE-2022-28560 — CVSS 9.8 (critical): There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn…
CVE-2023-41552 — CVSS 9.8 (critical): Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parameter ssid at url…
CVE-2023-41553 — CVSS 9.8 (critical): Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter list…
CVE-2023-41554 — CVSS 9.8 (critical): Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter wpapsk_crypto at url /goform/WifiExtraSet.
CVE-2023-41556 — CVSS 9.8 (critical): Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack…
CVE-2023-41559 — CVSS 9.8 (critical): Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack…
CVE-2023-41560 — CVSS 9.8 (critical): Tenda AC9 V3.0 V15.03.06.42_multi was discovered to contain a stack overflow via parameter firewallEn at url /goform/SetFirewallCfg.
CVE-2023-41561 — CVSS 9.8 (critical): Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter…
CVE-2023-41562 — CVSS 9.8 (critical): Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack…
CVE-2023-41563 — CVSS 9.8 (critical): Tenda AC9 V3.0 V15.03.06.42_multi and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter mac at…
CVE-2024-24543 — CVSS 9.8 (critical): Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote…
CVE-2024-25751 — CVSS 9.8 (critical): A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to…
CVE-2024-42634 — CVSS 9.8 (critical): A Command Injection vulnerability exists in formWriteFacMac of the httpd binary in Tenda AC9 v15.03.06.42. As a result, attacker can…
CVE-2025-22949 — CVSS 9.8 (critical): Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code…
CVE-2025-29384 — CVSS 9.8 (critical): In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to…
CVE-2025-29385 — CVSS 9.8 (critical): In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead…
CVE-2025-29386 — CVSS 9.8 (critical): In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to…
CVE-2025-44872 — CVSS 9.8 (critical): Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName…
CVE-2025-44877 — CVSS 9.8 (critical): Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formSetSambaConf function via the usbname…
CVE-2025-45042 — CVSS 9.8 (critical): Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.
CVE-2025-45427 — CVSS 9.8 (critical): In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform/WifiBasicSet has a stack overflow vulnerability…
CVE-2025-45428 — CVSS 9.8 (critical): In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow…
CVE-2025-45429 — CVSS 9.8 (critical): In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may…
CVE-2018-18728 — CVSS 9.8 (critical): An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote…
CVE-2018-18729 — CVSS 9.8 (critical): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2020-26728 — CVSS 9.8 (critical): A vulnerability was discovered in Tenda AC9 v3.0 V15.03.06.42_multi and Tenda AC9 V1.0 V15.03.05.19(6318)_CN which allows for remote code…
CVE-2022-25427 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function.
CVE-2022-25428 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in the saveparentcontrolinfo function.
CVE-2022-25429 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the saveparentcontrolinfo function.
CVE-2022-25431 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10 and V11 parameter in the Formsetqosband…
CVE-2022-25433 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the saveparentcontrolinfo function.
CVE-2022-25434 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in the SetFirewallCfg function.
CVE-2022-25435 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function.
CVE-2022-25437 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetVirtualServerCfg function.
CVE-2022-25438 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability via the SetIPTVCfg function.
CVE-2022-25439 — CVSS 9.8 (critical): Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
CVE-2022-36569 — CVSS 8.8 (high): Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.
CVE-2024-25748 — CVSS 8.8 (high): A Stack Based Buffer Overflow vulnerability in tenda AC9 AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to…
CVE-2026-6016 — CVSS 8.8 (high): A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the…
CVE-2024-25746 — CVSS 8.8 (high): Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute…
CVE-2024-25753 — CVSS 8.8 (high): Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to execute…
CVE-2022-36568 — CVSS 8.8 (high): Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the list parameter at /goform/setPptpUserList.
CVE-2026-6015 — CVSS 8.8 (high): A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the…
CVE-2025-5847 — CVSS 8.8 (high): A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function…
CVE-2025-10443 — CVSS 8.8 (high): A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the…
CVE-2025-5839 — CVSS 8.8 (high): A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function…
CVE-2017-16923 — CVSS 8.8 (high): Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_…
CVE-2024-25756 — CVSS 8.0 (high): A Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42_multi allows a remote attacker to…
CVE-2025-57638 — CVSS 7.5 (high): Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.
CVE-2018-14557 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through…
CVE-2018-14559 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through…
CVE-2018-18706 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2018-18707 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2018-18708 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2018-18709 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2018-18727 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2018-18730 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2018-18731 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2018-18732 — CVSS 7.5 (high): An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18…
CVE-2022-36570 — CVSS 7.2 (high): Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the time parameter at /goform/SetLEDCfg.
CVE-2026-2191 — CVSS 7.2 (high): A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the…
CVE-2026-2192 — CVSS 7.2 (high): A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function…
CVE-2022-36571 — CVSS 7.2 (high): Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the mask parameter at /goform/WanParameterSetting.
CVE-2025-29387 — CVSS 7.1 (high): In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead…
CVE-2024-10280 — CVSS 6.5 (medium): A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as…
CVE-2021-42659 — CVSS 6.5 (medium): There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0…
CVE-2025-57639 — CVSS 6.5 (medium): OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the…
CVE-2017-16936 — CVSS 6.5 (medium): Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(631…
CVE-2025-10442 — CVSS 6.3 (medium): A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand…
CVE-2025-5836 — CVSS 6.3 (medium): A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file…
CVE-2025-14286 — CVSS 5.3 (medium): A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file…
CVE-2025-5900 — CVSS 4.3 (medium): A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation…
CVE-2025-9731 — CVSS 2.5 (low): A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the…