Search

Find a vulnerability

Search criteria

    105 vulnerabilities found for ac15 by tenda

    CVE-2026-11493 (GCVE-0-2026-11493)

    Vulnerability from nvd – Published: 2026-06-08 05:45 – Updated: 2026-06-08 13:30
    VLAI
    Title
    Tenda AC15 Samba smb.conf weak password
    Summary
    A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-521 - Weak Password Requirements
    Assigner
    References
    Impacted products
    Vendor Product Version
    Tenda AC15 Affected: 15.03.05.19
        cpe:2.3:o:tenda:ac15_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    L-14 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11493",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-08T13:30:33.197769Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-08T13:30:41.606Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:tenda:ac15_firmware:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Samba"
              ],
              "product": "AC15",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.03.05.19"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "L-14 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-521",
                  "description": "Weak Password Requirements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-08T05:45:09.868Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-369113 | Tenda AC15 Samba smb.conf weak password",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/369113"
            },
            {
              "name": "VDB-369113 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/369113/cti"
            },
            {
              "name": "CVE-2026-11493 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-11493"
            },
            {
              "name": "Submit #834818 | Tenda AC15 V15.03.05.19 Misconfiguration",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/834818"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.notion.so/Tenda-AC15-V15-03-05-19-3671f5ba98908023b508dc0330624dcd?source=copy_link"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-06-07T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-06-07T12:23:47.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda AC15 Samba smb.conf weak password"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-11493",
        "datePublished": "2026-06-08T05:45:09.868Z",
        "dateReserved": "2026-06-07T10:18:43.938Z",
        "dateUpdated": "2026-06-08T13:30:41.606Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-11493 (GCVE-0-2026-11493)

    Vulnerability from cvelistv5 – Published: 2026-06-08 05:45 – Updated: 2026-06-08 13:30
    VLAI
    Title
    Tenda AC15 Samba smb.conf weak password
    Summary
    A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-521 - Weak Password Requirements
    Assigner
    References
    Impacted products
    Vendor Product Version
    Tenda AC15 Affected: 15.03.05.19
        cpe:2.3:o:tenda:ac15_firmware:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    L-14 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-11493",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-08T13:30:33.197769Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-08T13:30:41.606Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:o:tenda:ac15_firmware:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "Samba"
              ],
              "product": "AC15",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "15.03.05.19"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "L-14 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level is associated with this attack. The exploitability is regarded as difficult. The exploit has been made available to the public and could be used for attacks."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.3,
                "vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-521",
                  "description": "Weak Password Requirements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-08T05:45:09.868Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-369113 | Tenda AC15 Samba smb.conf weak password",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/369113"
            },
            {
              "name": "VDB-369113 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/369113/cti"
            },
            {
              "name": "CVE-2026-11493 | CVE Analysis and Report",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/cve/CVE-2026-11493"
            },
            {
              "name": "Submit #834818 | Tenda AC15 V15.03.05.19 Misconfiguration",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/834818"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://www.notion.so/Tenda-AC15-V15-03-05-19-3671f5ba98908023b508dc0330624dcd?source=copy_link"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-06-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-06-07T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-06-07T12:23:47.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda AC15 Samba smb.conf weak password"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-11493",
        "datePublished": "2026-06-08T05:45:09.868Z",
        "dateReserved": "2026-06-07T10:18:43.938Z",
        "dateUpdated": "2026-06-08T13:30:41.606Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    VAR-202603-0426

    Vulnerability from variot - Updated: 2026-03-09 23:37

    A buffer overflow vulnerability was discovered in goform/formSetMacFilterCfg in Tenda AC15V1.0 V15.03.05.18_multi. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202603-0426",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.18_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18_multi"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "cve": "CVE-2026-24103",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2026-24103",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2026-006394",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2026-24103",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2026-006394",
                "trust": 0.8,
                "value": "Critical"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A buffer overflow vulnerability was discovered in goform/formSetMacFilterCfg in Tenda AC15V1.0 V15.03.05.18_multi. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2026-24103"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2026-24103",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "id": "VAR-202603-0426",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.50049776
      },
      "last_update_date": "2026-03-09T23:37:26.870000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CVEreport/D-link/CVE-2026-24103\u00a0at\u00a0main\u00a0\u00a0akuma-QAQ/CVEreport\u00a0\u00a0GitHub",
            "trust": 0.8,
            "url": "https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2026-24103"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/material/show/2710"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/akuma-qaq/cvereport/tree/main/d-link/cve-2026-24103"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2026-24103"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2026-03-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "date": "2026-03-03T15:16:18.787000",
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2026-03-09T06:07:00",
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          },
          {
            "date": "2026-03-05T21:43:07.170000",
            "db": "NVD",
            "id": "CVE-2026-24103"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd. of AC15\u00a0 Classic buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-006394"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202603-0017

    Vulnerability from variot - Updated: 2026-03-07 23:49

    A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. Exploits have been made public and may be used in attacks.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202603-0017",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.13.07.13"
          },
          {
            "model": "ac15",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.13.07.13  and earlier"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "cve": "CVE-2026-3400",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2026-3400",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2026-005908",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2026-3400",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2026-3400",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2026-005908",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2026-3400",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2026-3400",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2026-005908",
                "trust": 0.8,
                "value": "Critical"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. Exploits have been made public and may be used in attacks.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2026-3400",
            "trust": 2.6
          },
          {
            "db": "VULDB",
            "id": "348295",
            "trust": 1.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "id": "VAR-202603-0017",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.50049776
      },
      "last_update_date": "2026-03-07T23:49:20.922000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Tenda\u00a0A15\u00a0V15.13.07.13\u00a0Stack-based\u00a0Buffer\u00a0Overflow YuqueYuque",
            "trust": 0.8,
            "url": "https://vuldb.com/?id.348295"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.0,
            "url": "https://www.yuque.com/ba1ma0-an29k/nnxoap/tzg68iadbmqx6esm?singledoc#"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.348295"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?id.348295"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?submit.760109"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2026-3400"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2026-03-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "date": "2026-03-02T00:16:03.293000",
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2026-03-05T02:48:00",
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          },
          {
            "date": "2026-03-03T19:48:04.040000",
            "db": "NVD",
            "id": "CVE-2026-3400"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd. of AC15\u00a0 Multiple vulnerabilities in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005908"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202603-0211

    Vulnerability from variot - Updated: 2026-03-07 23:36

    An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, s1_1 will be passed into sub_B0488, concatenated into doSystemCmd. The value of s1_1 is not validated, potentially leading to a command injection vulnerability. When certain conditions are met, s1_1 But sub_B0488 is passed to doSystemCmd will be concatenated to s1_1 The value of is not validated, which could lead to a command injection vulnerability.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202603-0211",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.18_multi"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18_multi"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "cve": "CVE-2026-24101",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2026-24101",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2026-005975",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2026-24101",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2026-005975",
                "trust": 0.8,
                "value": "Critical"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a command injection vulnerability. When certain conditions are met, `s1_1` But sub_B0488 is passed to `doSystemCmd` will be concatenated to `s1_1` The value of is not validated, which could lead to a command injection vulnerability.All information handled by the software may be leaked to the outside. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2026-24101"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2026-24101",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "id": "VAR-202603-0211",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.50049776
      },
      "last_update_date": "2026-03-07T23:36:37.208000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "CVEreport/D-link/CVE-2026-24101\u00a0at\u00a0main\u00a0\u00a0akuma-QAQ/CVEreport\u00a0\u00a0GitHub",
            "trust": 0.8,
            "url": "https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2026-24101"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "OS Command injection (CWE-78) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/material/show/2710"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/akuma-qaq/cvereport/tree/main/d-link/cve-2026-24101"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2026-24101"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2026-03-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "date": "2026-03-02T16:16:24.407000",
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2026-03-05T02:51:00",
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          },
          {
            "date": "2026-03-03T19:44:19.120000",
            "db": "NVD",
            "id": "CVE-2026-24101"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd. of AC15\u00a0 in the firmware OS\u00a0 Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2026-005975"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202511-0848

    Vulnerability from variot - Updated: 2025-11-28 23:06

    Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to access protected resources. The Tenda AC15 is a wireless router product from Tenda.

    A security vulnerability exists in Tenda AC15 version 15.03.05.18multi

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202511-0848",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "v15.03.05.18"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "cve": "CVE-2025-63666",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2025-29473",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2025-63666",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2025-63666",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-29473",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to access protected resources. The Tenda AC15 is a wireless router product from Tenda. \n\nA security vulnerability exists in Tenda AC15 version 15.03.05.18multi",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-63666"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          }
        ],
        "trust": 1.44
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-63666",
            "trust": 1.6
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "id": "VAR-202511-0848",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          }
        ]
      },
      "last_update_date": "2025-11-28T23:06:24.605000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-284",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://github.com/remenis/cve-2025-63666"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-63666"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-11-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          },
          {
            "date": "2025-11-12T15:15:38.583000",
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-11-27T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          },
          {
            "date": "2025-11-17T18:59:20.080000",
            "db": "NVD",
            "id": "CVE-2025-63666"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda AC15 Access Control Error Vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-29473"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202510-0072

    Vulnerability from variot - Updated: 2025-11-22 23:35

    A security flaw has been discovered in Tenda AC15 15.03.05.18. Affected is an unknown function of the file /goform/saveAutoQos. Performing manipulation of the argument enable results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability stems from the failure of the enable parameter in the file /goform/saveAutoQos to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202510-0072",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "cve": "CVE-2025-11389",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-11389",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-016227",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24168",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-11389",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-016227",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-11389",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-016227",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24168",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A security flaw has been discovered in Tenda AC15 15.03.05.18. Affected is an unknown function of the file /goform/saveAutoQos. Performing manipulation of the argument enable results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability stems from the failure of the enable parameter in the file /goform/saveAutoQos to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-11389"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-11389",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "327316",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "id": "VAR-202510-0072",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          }
        ]
      },
      "last_update_date": "2025-11-22T23:35:35.531000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/noahze01/iot-vulnerable/blob/main/tenda/ac15/saveautoqos.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.327316"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.664982"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-11389"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.327316"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          },
          {
            "date": "2025-10-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "date": "2025-10-07T12:15:42.500000",
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24168"
          },
          {
            "date": "2025-10-17T01:31:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          },
          {
            "date": "2025-10-15T18:34:49.890000",
            "db": "NVD",
            "id": "CVE-2025-11389"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-016227"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-3324

    Vulnerability from variot - Updated: 2025-11-20 23:21

    Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the time parameter from the setSmartPowerManagement function. Shenzhen Tenda Technology Co.,Ltd. of AC15 An out-of-bounds write vulnerability exists in firmware.Information may be tampered with. The Tenda AC15, launched in October 2015 by Shenzhen Jixiang Tenda Technology Co., Ltd., is a home dual-band wireless router supporting 802.11ac and 802.11n dual-band concurrent operation, with a theoretical maximum transmission rate of 1900Mbps (600Mbps on the 2.4GHz band and 1300Mbps on the 5GHz band). This vulnerability stems from the fact that the time parameter of the setSmartPowerManagement method fails to correctly validate the length of the input data. Detailed vulnerability information is currently unavailable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-3324",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "cve": "CVE-2024-30613",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 4.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-28692",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-30613",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "None",
                "baseScore": 4.3,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-021689",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2024-30613",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2024-021689",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-28692",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the time parameter from the setSmartPowerManagement function. Shenzhen Tenda Technology Co.,Ltd. of AC15 An out-of-bounds write vulnerability exists in firmware.Information may be tampered with. The Tenda AC15, launched in October 2015 by Shenzhen Jixiang Tenda Technology Co., Ltd., is a home dual-band wireless router supporting 802.11ac and 802.11n dual-band concurrent operation, with a theoretical maximum transmission rate of 1900Mbps (600Mbps on the 2.4GHz band and 1300Mbps on the 5GHz band). This vulnerability stems from the fact that the `time` parameter of the `setSmartPowerManagement` method fails to correctly validate the length of the input data. Detailed vulnerability information is currently unavailable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-30613"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-30613",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "id": "VAR-202403-3324",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          }
        ]
      },
      "last_update_date": "2025-11-20T23:21:54.082000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/755686"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v15.03.05.18/setsmartpowermanagement.md"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-30613"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-11-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          },
          {
            "date": "2025-04-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "date": "2024-03-29T13:15:15.820000",
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-11-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-28692"
          },
          {
            "date": "2025-04-09T06:24:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          },
          {
            "date": "2025-04-08T15:27:30.520000",
            "db": "NVD",
            "id": "CVE-2024-30613"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Out-of-bounds write vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-021689"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0813

    Vulnerability from variot - Updated: 2025-11-19 23:33

    A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257672. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps on the 2.4 GHz band and 1300 Mbps on the 5 GHz band). This vulnerability stems from the fromSysToolRestoreSet method in the /goform/SysToolRestoreSet page failing to adequately verify that the request originates from a trusted user. An attacker could exploit this vulnerability to craft malicious requests and trick victims into executing sensitive actions

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0813",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "cve": "CVE-2024-2817",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2024-2817",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2025-24259",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2817",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2817",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2024-2817",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2817",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2817",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2817",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24259",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257672. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps on the 2.4 GHz band and 1300 Mbps on the 5 GHz band). This vulnerability stems from the fromSysToolRestoreSet method in the /goform/SysToolRestoreSet page failing to adequately verify that the request originates from a trusted user. An attacker could exploit this vulnerability to craft malicious requests and trick victims into executing sensitive actions",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2817",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257672",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "id": "VAR-202403-0813",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:33:08.511000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 fromSysToolRestoreSet method cross-site request forgery vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/744096"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site request forgery (CWE-352) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v15.03.05.18/fromsystoolrestoreset.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257672"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257672"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2817"
          },
          {
            "trust": 0.6,
            "url": "https://www.jetbrains.com/privacy-security/issues-fixed/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "date": "2024-03-22T08:15:10.257000",
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24259"
          },
          {
            "date": "2024-03-28T00:56:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          },
          {
            "date": "2024-05-17T02:38:32.210000",
            "db": "NVD",
            "id": "CVE-2024-2817"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Cross-site request forgery vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003034"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0765

    Vulnerability from variot - Updated: 2025-11-19 23:30

    A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been rated as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257660. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the speed_dir parameter of the formSetSpeedWan method in the /goform/SetSpeedWan page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0765",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "cve": "CVE-2024-2805",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2805",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-017471",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24294",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2805",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-017471",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2805",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2805",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2024-017471",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24294",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been rated as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257660. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 An out-of-bounds write vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the speed_dir parameter of the formSetSpeedWan method in the /goform/SetSpeedWan page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2805",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257660",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "id": "VAR-202403-0765",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:30:58.676000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formSetSpeedWan method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743921"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257660"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257660"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/setspeedwan.md"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2805"
          },
          {
            "trust": 0.6,
            "url": "https://mattermost.com/security-updates"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          },
          {
            "date": "2025-01-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "date": "2024-03-22T03:15:08.130000",
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24294"
          },
          {
            "date": "2025-01-27T01:24:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          },
          {
            "date": "2025-01-24T18:45:05.873000",
            "db": "NVD",
            "id": "CVE-2024-2805"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Out-of-bounds write vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-017471"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202508-2573

    Vulnerability from variot - Updated: 2025-11-19 23:30

    Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments.

    The Tenda AC15 suffers from a stack buffer overflow vulnerability caused by the fromSetIpMacBind function's failure to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202508-2573",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.19"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.19"
          },
          {
            "model": "ac15 15.03.05.19 multi td01",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "cve": "CVE-2025-55564",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.8,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2025-24389",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2025-55564",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 7.5,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-012840",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2025-55564",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-012840",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24389",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. \n\nThe Tenda AC15 suffers from a stack buffer overflow vulnerability caused by the fromSetIpMacBind function\u0027s failure to properly validate the length of input data. An attacker could exploit this vulnerability to cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-55564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-55564",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "id": "VAR-202508-2573",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:30:51.736000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://github.com/clxhzg/cve/blob/main/tenda/ac15/setipmacbind.md"
          },
          {
            "trust": 1.0,
            "url": "http://tendaac15v10brv15030519multitd01.com"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-55564"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          },
          {
            "date": "2025-09-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "date": "2025-08-21T14:15:42.113000",
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24389"
          },
          {
            "date": "2025-09-04T01:46:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          },
          {
            "date": "2025-09-03T14:53:05.053000",
            "db": "NVD",
            "id": "CVE-2025-55564"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012840"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202508-0672

    Vulnerability from variot - Updated: 2025-11-19 23:28

    A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC15 Firmware contains insufficient validation of data authenticity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. Detailed vulnerability details are currently unavailable

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202508-0672",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.13.07.13"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.13.07.13"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "cve": "CVE-2025-8979",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "MULTIPLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.2,
                "id": "CVE-2025-8979",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:H/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Network",
                "authentication": "Multiple",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 6.8,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-012176",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:H/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "MULTIPLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.8,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.2,
                "id": "CNVD-2025-24390",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:H/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 0.7,
                "id": "CVE-2025-8979",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 6.6,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-012176",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-8979",
                "trust": 1.0,
                "value": "Medium"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-012176",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24390",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC15 Firmware contains insufficient validation of data authenticity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. Detailed vulnerability details are currently unavailable",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-8979"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-8979",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "319975",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "id": "VAR-202508-0672",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:28:49.745000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-345",
            "trust": 1.0
          },
          {
            "problemtype": "Inadequate verification of data reliability (CWE-345) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://github.com/iotres/iot_firmware_update/blob/main/tenda/ac15_inte.md"
          },
          {
            "trust": 1.8,
            "url": "https://github.com/iotres/iot_firmware_update/blob/main/tenda/ac15_auth.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.319975"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.628602"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?submit.628603"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.319975"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-8979"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          },
          {
            "date": "2025-08-22T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "date": "2025-08-14T20:15:37.583000",
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24390"
          },
          {
            "date": "2025-08-22T09:25:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          },
          {
            "date": "2025-08-18T15:03:49.693000",
            "db": "NVD",
            "id": "CVE-2025-8979"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Insufficient validation of data authenticity in firmware vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-012176"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0814

    Vulnerability from variot - Updated: 2025-11-19 23:27

    A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps on the 2.4 GHz band and 1300 Mbps on the 5 GHz band). This vulnerability stems from the fromSysToolReboot method in the /goform/SysToolReboot page failing to adequately verify that the request originates from a trusted user. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0814",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "cve": "CVE-2024-2816",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2024-2816",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2025-24299",
                "impactScore": 2.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "NONE",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2816",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2816",
                "impactScore": 3.6,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2024-2816",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2816",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2816",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2816",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24299",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps on the 2.4 GHz band and 1300 Mbps on the 5 GHz band). This vulnerability stems from the fromSysToolReboot method in the /goform/SysToolReboot page failing to adequately verify that the request originates from a trusted user. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2816",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257671",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "id": "VAR-202403-0814",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:27:44.590000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 Cross-Site Request Forgery Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743901"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-352",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site request forgery (CWE-352) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v15.03.05.18/fromsystoolreboot.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257671"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257671"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2816"
          },
          {
            "trust": 0.6,
            "url": "https://www.jenkins.io/security/advisory/2024-03-06/#security"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "date": "2024-03-22T08:15:10.010000",
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24299"
          },
          {
            "date": "2024-03-28T00:56:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          },
          {
            "date": "2024-05-17T02:38:32.100000",
            "db": "NVD",
            "id": "CVE-2024-2816"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Cross-site request forgery vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003035"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0865

    Vulnerability from variot - Updated: 2025-11-19 23:25

    A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257665 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure of the index parameter in the formWifiWpsOOB method of the /goform/WifiWpsOOB page to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0865",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "cve": "CVE-2024-2810",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2810",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24295",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2810",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-2810",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2810",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2810",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2810",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2810",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24295",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257665 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure of the index parameter in the formWifiWpsOOB method of the /goform/WifiWpsOOB page to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2810",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257665",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "id": "VAR-202403-0865",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:25:03.788000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formWifiWpsOOB method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743926"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/formwifiwpsoob.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257665"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257665"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2810"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/latchset/jwcrypto/commit/90477a3b6e73da69740e00b8161f53fea19b831f"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "date": "2024-03-22T06:15:10.800000",
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24295"
          },
          {
            "date": "2024-03-28T01:30:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          },
          {
            "date": "2024-05-17T02:38:31.447000",
            "db": "NVD",
            "id": "CVE-2024-2810"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003041"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202510-0056

    Vulnerability from variot - Updated: 2025-11-19 23:24

    A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. The Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. This vulnerability stems from the failure of the parameter "newVersion" in the file "/goform/setNotUpgrade" to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202510-0056",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "cve": "CVE-2025-11388",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-11388",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24388",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-11388",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-11388",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24388",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. The Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. This vulnerability stems from the failure of the parameter \"newVersion\" in the file \"/goform/setNotUpgrade\" to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-11388"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          }
        ],
        "trust": 1.44
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-11388",
            "trust": 1.6
          },
          {
            "db": "VULDB",
            "id": "327315",
            "trust": 1.0
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "id": "VAR-202510-0056",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:24:56.547000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://github.com/noahze01/iot-vulnerable/blob/main/tenda/ac15/setnotupgrade.md"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.327315"
          },
          {
            "trust": 1.0,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?id.327315"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?submit.664974"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          },
          {
            "date": "2025-10-07T11:16:02.800000",
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          },
          {
            "date": "2025-10-09T16:45:53.530000",
            "db": "NVD",
            "id": "CVE-2025-11388"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda AC15 newVersion parameter stack buffer overflow vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24388"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202403-0901

    Vulnerability from variot - Updated: 2025-11-19 23:24

    A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vulnerability affects the function formExpandDlnaFile of the file /goform/expandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257662 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the filePath parameter of the formExpandDlnaFile method in the /goform/expandDlnaFile page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0901",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "cve": "CVE-2024-2807",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2807",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24290",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2807",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-2807",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2807",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2807",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2807",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2807",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24290",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.20_multi. This vulnerability affects the function formExpandDlnaFile of the file /goform/expandDlnaFile. The manipulation of the argument filePath leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257662 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the filePath parameter of the formExpandDlnaFile method in the /goform/expandDlnaFile page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2807",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257662",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "id": "VAR-202403-0901",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:24:26.098000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formExpandDlnaFile method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743906"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/formexpanddlnafile.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257662"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257662"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2807"
          },
          {
            "trust": 0.6,
            "url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0002"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "date": "2024-03-22T05:15:48.807000",
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24290"
          },
          {
            "date": "2024-03-28T01:30:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          },
          {
            "date": "2024-05-17T02:38:31.100000",
            "db": "NVD",
            "id": "CVE-2024-2807"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003044"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0930

    Vulnerability from variot - Updated: 2025-11-19 23:21

    A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257663. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the PPPOEPassword parameter in the formQuickIndex method of the /goform/QuickIndex page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0930",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "cve": "CVE-2024-2808",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2808",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24291",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2808",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-2808",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2808",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2808",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2808",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2808",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24291",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20_multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257663. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the PPPOEPassword parameter in the formQuickIndex method of the /goform/QuickIndex page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2808",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257663",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "id": "VAR-202403-0930",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:21:17.692000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formQuickIndex method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743911"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/formquickindex.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257663"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257663"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2808"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/pinkdraconian/poc-langchain-rce/blob/main/readme.md"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "date": "2024-03-22T05:15:49.017000",
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24291"
          },
          {
            "date": "2024-03-28T01:30:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          },
          {
            "date": "2024-05-17T02:38:31.233000",
            "db": "NVD",
            "id": "CVE-2024-2808"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003043"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0816

    Vulnerability from variot - Updated: 2025-11-19 23:18

    A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure of the formWifiWpsStart method in the /goform/WifiWpsStart page to properly validate the length of the input data in the index parameter. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0816",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "cve": "CVE-2024-2811",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2811",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24296",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2811",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-2811",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2811",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2811",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2811",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2811",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24296",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure of the formWifiWpsStart method in the /goform/WifiWpsStart page to properly validate the length of the input data in the index parameter. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2811",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257666",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "id": "VAR-202403-0816",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:18:27.438000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formWifiWpsStart method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743886"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/formwifiwpsstart.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257666"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257666"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2811"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/cloudevents/sdk-go/security/advisories/ghsa-5pf6-2qwx-pxm2"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "date": "2024-03-22T06:15:11.803000",
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24296"
          },
          {
            "date": "2024-03-28T01:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          },
          {
            "date": "2024-05-17T02:38:31.553000",
            "db": "NVD",
            "id": "CVE-2024-2811"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003040"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-2494

    Vulnerability from variot - Updated: 2025-11-19 23:18

    News functionality in Schoolbox application before version 23.1.3 is vulnerable to stored cross-site scripting allowing authenticated attacker to perform security actions in the context of the affected users. schoolbox Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. The Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band).

    The Tenda AC15 suffers from a stack buffer overflow vulnerability. This vulnerability stems from the failure to properly validate the length of input data in the firewallEn parameter of the formSetFirewallCfg method in the /goform/SetFirewallCfg page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-2494",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "schoolbox",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "schoolbox",
            "version": "23.1.3"
          },
          {
            "model": "schoolbox",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schoolbox",
            "version": null
          },
          {
            "model": "schoolbox",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "schoolbox",
            "version": "23.1.3"
          },
          {
            "model": "schoolbox",
            "scope": null,
            "trust": 0.8,
            "vendor": "schoolbox",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "cve": "CVE-2024-28095",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24292",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "vdp@themissinglink.com.au",
                "availabilityImpact": "NONE",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.1,
                "id": "CVE-2024-28095",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-28095",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 5.4,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2024-28095",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "Low",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "vdp@themissinglink.com.au",
                "id": "CVE-2024-28095",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-28095",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-28095",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24292",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "News functionality in Schoolbox application before\n version 23.1.3 is vulnerable to stored cross-site scripting allowing \nauthenticated attacker to perform security actions in the context of the\n affected users. schoolbox Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. The Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tengda Technology Co., Ltd. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). \n\nThe Tenda AC15 suffers from a stack buffer overflow vulnerability. This vulnerability stems from the failure to properly validate the length of input data in the firewallEn parameter of the formSetFirewallCfg method in the /goform/SetFirewallCfg page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-28095",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "id": "VAR-202403-2494",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:18:27.347000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formSetFirewallCfg method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743916"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-79",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
            "trust": 0.8
          },
          {
            "problemtype": " Cross-site scripting (CWE-79) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://www.themissinglink.com.au/security-advisories/cve-2024-28095"
          },
          {
            "trust": 1.8,
            "url": "https://schoolbox.education/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-28095"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "date": "2025-02-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "date": "2024-03-07T04:15:07.527000",
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "date": "2025-02-06T01:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          },
          {
            "date": "2025-02-05T17:22:23.773000",
            "db": "NVD",
            "id": "CVE-2024-28095"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "schoolbox\u00a0 Cross-site scripting vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-018159"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0832

    Vulnerability from variot - Updated: 2025-11-19 23:18

    A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257664. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of input data in the firewallEn parameter of the formSetFirewallCfg method in the /goform/SetFirewallCfg page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0832",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "cve": "CVE-2024-2809",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2809",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24292",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2809",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-2809",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2809",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2809",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2809",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2809",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24292",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability, which was classified as critical, was found in Tenda AC15 15.03.05.18/15.03.20_multi. Affected is the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257664. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of input data in the firewallEn parameter of the formSetFirewallCfg method in the /goform/SetFirewallCfg page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2809",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257664",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "id": "VAR-202403-0832",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:18:27.324000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formSetFirewallCfg method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743916"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/formsetfirewallcfg.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257664"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257664"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2809"
          },
          {
            "trust": 0.6,
            "url": "https://www.themissinglink.com.au/security-advisories/cve-2024-28095"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "date": "2024-03-22T06:15:08.747000",
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24292"
          },
          {
            "date": "2024-03-28T01:30:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          },
          {
            "date": "2024-05-17T02:38:31.340000",
            "db": "NVD",
            "id": "CVE-2024-2809"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003042"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0815

    Vulnerability from variot - Updated: 2025-11-19 23:16

    A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257669 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the "page" parameter of the "fromDhcpListClient" method in the "/goform/DhcpListClient" page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0815",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "cve": "CVE-2024-2814",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2814",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24298",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2814",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-2814",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2814",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2814",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2814",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2814",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24298",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257669 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 There are unspecified vulnerabilities in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure to properly validate the length of the input data in the \"page\" parameter of the \"fromDhcpListClient\" method in the \"/goform/DhcpListClient\" page. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2814",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257669",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "id": "VAR-202403-0815",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:16:15.288000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 fromDhcpListClient method stack buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743896"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "others (CWE-Other) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/fromdhcplistclient_page.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257669"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257669"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2814"
          },
          {
            "trust": 0.6,
            "url": "https://www.jenkins.io/security/advisory/2024-03-06/#security"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "date": "2024-03-22T07:15:47.447000",
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24298"
          },
          {
            "date": "2024-03-28T01:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          },
          {
            "date": "2024-05-17T02:38:31.880000",
            "db": "NVD",
            "id": "CVE-2024-2814"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Firmware vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003037"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0920

    Vulnerability from variot - Updated: 2025-11-19 23:16

    A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257667. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure of the mac parameter in the formWriteFacMac method of the /goform/WriteFacMac page to properly sanitize special characters and commands when constructing commands. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0920",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "cve": "CVE-2024-2812",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2812",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24297",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2812",
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2812",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2812",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2812",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2812",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2812",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24297",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257667. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps in the 2.4 GHz band and 1300 Mbps in the 5 GHz band). This vulnerability stems from the failure of the mac parameter in the formWriteFacMac method of the /goform/WriteFacMac page to properly sanitize special characters and commands when constructing commands. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2812",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257667",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "id": "VAR-202403-0920",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:16:15.262000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formWriteFacMac method command injection vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743891"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "OS Command injection (CWE-78) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v1.0%20v15.03.20_multi/formwritefacmac.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.257667"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257667"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2812"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/lestrrat-go/jwx/security/advisories/ghsa-hj3v-m684-v259"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "date": "2024-03-22T07:15:46.283000",
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24297"
          },
          {
            "date": "2024-03-28T01:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          },
          {
            "date": "2024-05-17T02:38:31.660000",
            "db": "NVD",
            "id": "CVE-2024-2812"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003039"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202510-0057

    Vulnerability from variot - Updated: 2025-11-19 23:11

    A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. This vulnerability stems from the failure of the parameter ddnsEn in the file /goform/SetDDNSCfg to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202510-0057",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "cve": "CVE-2025-11386",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-11386",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-015863",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24387",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-11386",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-015863",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-11386",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-015863",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24387",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and is designed primarily for home networking environments. This vulnerability stems from the failure of the parameter ddnsEn in the file /goform/SetDDNSCfg to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-11386"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-11386",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "327313",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "id": "VAR-202510-0057",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:11:58.587000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://github.com/noahze01/iot-vulnerable/blob/main/tenda/ac15/setddnscfg.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.327313"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.664969"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.327313"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-11386"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          },
          {
            "date": "2025-10-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "date": "2025-10-07T10:15:34.080000",
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24387"
          },
          {
            "date": "2025-10-14T06:52:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          },
          {
            "date": "2025-10-09T16:46:10.360000",
            "db": "NVD",
            "id": "CVE-2025-11386"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015863"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202403-0912

    Vulnerability from variot - Updated: 2025-11-19 23:10

    A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps on the 2.4 GHz band and 1300 Mbps on the 5 GHz band). This vulnerability stems from the failure of the usbName parameter in the formSetSambaConf method of the /goform/setsambacfg page to properly sanitize special characters and commands in constructed commands. No detailed vulnerability details are currently available

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202403-0912",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15 15.03.20 multi",
            "scope": null,
            "trust": 0.6,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "cve": "CVE-2024-2851",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2024-2851",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24293",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-2851",
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-2851",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-2851",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2024-2851",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-2851",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-2851",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24293",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. of AC15 The firmware has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. in October 2015. It supports the 802.11ac protocol and offers a theoretical transmission rate of 1900 Mbps (600 Mbps on the 2.4 GHz band and 1300 Mbps on the 5 GHz band). This vulnerability stems from the failure of the usbName parameter in the formSetSambaConf method of the /goform/setsambacfg page to properly sanitize special characters and commands in constructed commands. No detailed vulnerability details are currently available",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-2851",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "257775",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "id": "VAR-202403-0912",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          }
        ]
      },
      "last_update_date": "2025-11-19T23:10:11.111000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda AC15 formSetSambaConf method command injection vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/743871"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "OS Command injection (CWE-78) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://vuldb.com/?id.257775"
          },
          {
            "trust": 1.8,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v15.03.05.18/formsetsambaconf.md"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.257775"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-2851"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-20T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          },
          {
            "date": "2024-03-28T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "date": "2024-03-24T03:15:09.177000",
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-21T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24293"
          },
          {
            "date": "2024-03-28T00:56:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          },
          {
            "date": "2024-05-17T02:38:34.107000",
            "db": "NVD",
            "id": "CVE-2024-2851"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 in the firmware \u00a0OS\u00a0 Command injection vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-003032"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202007-0064

    Vulnerability from variot - Updated: 2025-11-18 15:37

    The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. Tenda AC15 AC1900 There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Tenda AC15 AC1900 is a wireless router of China Tenda (Tenda) company

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202007-0064",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.8,
            "vendor": "tenda",
            "version": "15.03.05.19"
          },
          {
            "model": "ac15 ac1900",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "15.03.05.19"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:tenda:ac15_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          }
        ]
      },
      "cve": "CVE-2020-10987",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2020-10987",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 10.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007726",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-41513",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2020-10987",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-007726",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-10987",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2020-10987",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-007726",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-41513",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202007-564",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-10987",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. Tenda AC15 AC1900 There is an injection vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Tenda AC15 AC1900 is a wireless router of China Tenda (Tenda) company",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10987"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-10987",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513",
            "trust": 0.6
          },
          {
            "db": "NSFOCUS",
            "id": "48170",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-564",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10987",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "id": "VAR-202007-0064",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          }
        ],
        "trust": 1.30318103
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          }
        ]
      },
      "last_update_date": "2025-11-18T15:37:03.104000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.tenda.cz/"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/20142995/Goby "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/gitpaste-12-worm-widens-exploits/162290/"
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/gitpaste-12-worm-linux-servers-iot-devices/161016/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2020-10987"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-74",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://blog.securityevaluators.com/tenda-ac1900-vulnerabilities-discovered-and-exploited-e8e26aa0bc68"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-10987"
          },
          {
            "trust": 1.7,
            "url": "https://www.ise.io/research/"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2020-10987"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-10987"
          },
          {
            "trust": 0.6,
            "url": "http://www.nsfocus.net/vulndb/48170"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/78.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/gitpaste-12-worm-widens-exploits/162290/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-10987"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "date": "2020-07-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-10987"
          },
          {
            "date": "2020-07-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "date": "2020-07-13T19:15:12.207000",
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-22T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-41513"
          },
          {
            "date": "2021-07-21T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-10987"
          },
          {
            "date": "2020-08-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          },
          {
            "date": "2020-08-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          },
          {
            "date": "2025-11-07T19:32:57.680000",
            "db": "NVD",
            "id": "CVE-2020-10987"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda AC15 AC1900 Injection vulnerabilities in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-007726"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202007-564"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202510-0110

    Vulnerability from variot - Updated: 2025-11-18 15:21

    A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fast_setting_pppoe_set. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability could allow an attacker to execute arbitrary code or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202510-0110",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "cve": "CVE-2025-11387",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-11387",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-015809",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-24071",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-11387",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-015809",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-11387",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-015809",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-24071",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fast_setting_pppoe_set. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability could allow an attacker to execute arbitrary code or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-11387"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-11387",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "327314",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "id": "VAR-202510-0110",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          }
        ]
      },
      "last_update_date": "2025-11-18T15:21:27.834000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/noahze01/iot-vulnerable/blob/main/tenda/ac15/fast_setting_pppoe_set.md"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.327314"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.664970"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-11387"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.327314"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          },
          {
            "date": "2025-10-14T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "date": "2025-10-07T11:16:01.500000",
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-10-17T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-24071"
          },
          {
            "date": "2025-10-14T02:49:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          },
          {
            "date": "2025-10-09T16:46:01.827000",
            "db": "NVD",
            "id": "CVE-2025-11387"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-015809"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202509-1490

    Vulnerability from variot - Updated: 2025-09-26 23:41

    A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Shenzhen Tenda Technology Co.,Ltd. of AC9 firmware and AC15 The firmware contains a command injection vulnerability. OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202509-1490",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac9",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.14"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.14"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac9",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "cve": "CVE-2025-10442",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-10442",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Partial",
                "baseScore": 6.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-014433",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "LOW",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-10442",
                "impactScore": 3.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-10442",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-014433",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-10442",
                "trust": 1.0,
                "value": "Low"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2025-10442",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-014433",
                "trust": 0.8,
                "value": "High"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Shenzhen Tenda Technology Co.,Ltd. of AC9 firmware and AC15 The firmware contains a command injection vulnerability. OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-10442",
            "trust": 2.6
          },
          {
            "db": "VULDB",
            "id": "323876",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "id": "VAR-202509-1490",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.422403305
      },
      "last_update_date": "2025-09-26T23:41:52.051000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "Command injection (CWE-77) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": "OS Command injection (CWE-78) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/2664521593/mycve/blob/main/tenda/tenda_ac9_cj.md"
          },
          {
            "trust": 1.8,
            "url": "https://github.com/2664521593/mycve/blob/main/tenda/tenda_ac9_cj.md#poc"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.323876"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.647838"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.647839"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.323876"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-10442"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-09-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "date": "2025-09-15T11:15:33.970000",
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-09-25T01:26:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          },
          {
            "date": "2025-09-19T20:39:12.093000",
            "db": "NVD",
            "id": "CVE-2025-10442"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC9\u00a0 firmware and \u00a0AC15\u00a0 Command injection vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-014433"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202509-1516

    Vulnerability from variot - Updated: 2025-09-20 23:23

    A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202509-1516",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac9",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.14"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      },
      "cve": "CVE-2025-10443",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-10443",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-10443",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-10443",
                "trust": 1.0,
                "value": "High"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03.05.18. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ],
        "trust": 1.0
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "VULDB",
            "id": "323877",
            "trust": 1.0
          },
          {
            "db": "NVD",
            "id": "CVE-2025-10443",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      },
      "id": "VAR-202509-1516",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.422403305
      },
      "last_update_date": "2025-09-20T23:23:28.217000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://github.com/2664521593/mycve/blob/main/tenda/tenda_ac15_ac9_bof.md"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?submit.647840"
          },
          {
            "trust": 1.0,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/2664521593/mycve/blob/main/tenda/tenda_ac15_ac9_bof.md#poc"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?id.323877"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.323877"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-09-15T12:15:32.690000",
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-09-19T19:22:53.663000",
            "db": "NVD",
            "id": "CVE-2025-10443"
          }
        ]
      }
    }

    VAR-202501-1467

    Vulnerability from variot - Updated: 2025-07-06 23:43

    A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability, a stack-based buffer overflow vulnerability, and an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.

    Tenda AC15 has a buffer overflow vulnerability, which is caused by the parameter mac of the file /goform/SetDevNetName failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202501-1467",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "tenda",
            "version": "15.13.07.13"
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.13.07.13"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "cve": "CVE-2025-0566",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-0566",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-008016",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-09940",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-0566",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-008016",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-0566",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-008016",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-09940",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability, a stack-based buffer overflow vulnerability, and an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. \n\nTenda AC15 has a buffer overflow vulnerability, which is caused by the parameter mac of the file /goform/SetDevNetName failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-0566"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-0566",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "292527",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "id": "VAR-202501-1467",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          }
        ],
        "trust": 1.00636206
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          }
        ]
      },
      "last_update_date": "2025-07-06T23:43:22.270000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://pan.baidu.com/s/1dbdf27octimkw-pszwg02q?pwd=tara"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.292527"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.484418"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-0566"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.292527"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          },
          {
            "date": "2025-07-04T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "date": "2025-01-19T07:15:06.407000",
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-16T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09940"
          },
          {
            "date": "2025-07-04T08:06:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          },
          {
            "date": "2025-07-01T15:11:11.800000",
            "db": "NVD",
            "id": "CVE-2025-0566"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-008016"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202404-0833

    Vulnerability from variot - Updated: 2025-07-05 23:04

    Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202404-0833",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.19"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "15.03.05.20_multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.18"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.20 multi"
          },
          {
            "model": "ac15",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "ac15  firmware  15.03.05.19"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "cve": "CVE-2024-32303",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "HIGH",
                "baseScore": 8.0,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.1,
                "id": "CVE-2024-32303",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.0,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-025561",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2024-32303",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2024-025561",
                "trust": 0.8,
                "value": "High"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda AC15 v15.03.20_multi, v15.03.05.19, and v15.03.05.18 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. Shenzhen Tenda Technology Co.,Ltd. of AC15 A stack-based buffer overflow vulnerability exists in the firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-32303"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-32303",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "id": "VAR-202404-0833",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.40636206
      },
      "last_update_date": "2025-07-05T23:04:24.379000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://github.com/abcdefg-png/iot-vulnerable/blob/main/tenda/ac15/v15.03.05.18/fromwizardhandle.md"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-32303"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-07-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "date": "2024-04-17T16:15:08.837000",
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-07-02T00:13:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          },
          {
            "date": "2025-06-30T13:37:14.130000",
            "db": "NVD",
            "id": "CVE-2024-32303"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0AC15\u00a0 Stack-based buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-025561"
          }
        ],
        "trust": 0.8
      }
    }