荀毅杰 - Security Researcher - Exploit Intelligence Platform

CVE-2025-29385 WRITEUP CRITICAL WRITEUP

Tenda Ac9 Firmware - Out-of-Bounds Write

In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-29386 WRITEUP CRITICAL WRITEUP

Tenda Ac9 Firmware - Out-of-Bounds Write

In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-29387 WRITEUP HIGH WRITEUP

Tenda Ac9 Firmware - Out-of-Bounds Write

In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 7.1

View Code

CVE-2025-45427 WRITEUP CRITICAL WRITEUP

Tenda Ac9 Firmware - Stack Buffer Overflow

In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform/WifiBasicSet has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-45428 WRITEUP CRITICAL WRITEUP

Tenda Ac9 Firmware - Stack Buffer Overflow

In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

CVSS 9.8

View Code

CVE-2025-45429 WRITEUP CRITICAL WRITEUP

Tenda Ac9 Firmware - Stack Buffer Overflow

In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.

CVSS 9.8

View Code