张路石 - Security Researcher - Exploit Intelligence Platform

CVE-2025-13446 WRITEUP HIGH WRITEUP

Tenda AC21 16.03.08.16 - Stack-Based Buffer Overflow via timeZone/time Parameter

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

CVSS 8.8

View Code

CVE-2025-29384 WRITEUP CRITICAL WRITEUP

Tenda AC9 v1.0 V15.03.05.14_multi - Stack Overflow via wanMTU Parameter

In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-29385 WRITEUP CRITICAL WRITEUP

Tenda AC9 v1.0 V15.03.05.14_multi - Remote Code Execution via cloneType Parameter Overflow

In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-29386 WRITEUP CRITICAL WRITEUP

Tenda AC9 v1.0 V15.03.05.14_multi - Stack Overflow via mac Parameter in AdvSetMacMtuWan

In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-29387 WRITEUP HIGH WRITEUP

Tenda AC9 v1.0 V15.03.05.14_multi - Stack-based Buffer Overflow via wanSpeed Parameter

In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 7.1

View Code

CVE-2025-45427 WRITEUP CRITICAL WRITEUP

Tenda AC9 v1.0 Firmware V15.03.05.14_multi - Stack-based Buffer Overflow in WifiBasicSet Security Parameter

In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform/WifiBasicSet has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-45428 WRITEUP CRITICAL WRITEUP

Tenda AC9 Firmware V15.03.05.14_multi - Stack-based Buffer Overflow via rebootTime Parameter

In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-45429 WRITEUP CRITICAL WRITEUP

Tenda AC9 Firmware V15.03.05.14_multi - Stack-based Buffer Overflow in WifiWpsStart

In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.

CVSS 9.8

View Code