Tenda: >> Ac9 Firmware >> 1.0 Security Vulnerabilities
A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-09
Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-09-23
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file.
CVSS Score
6.5
EPSS Score
0.098
Published
2025-09-23