Ac9 firmware
This hub aggregates every CVE we track for Ac9 firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
109
CVEs tracked
64
Critical
34
High
1
In CISA KEV
Severity distribution
CRITICAL64HIGH34MEDIUM10LOW1
Monthly trend
0
1
0
1
0
0
2
0
5
3
3
4
0
1
4
0
0
1
0
2
0
2
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Ac9 firmware.
- CVE-2026-6016Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow8.8
- CVE-2026-6015Tenda AC9 POST Request QuickIndex formQuickIndex stack-based overflow8.8
- CVE-2026-2192Tenda AC9 formGetRebootTimer stack-based overflow7.2
- CVE-2026-2191Tenda AC9 formGetDdosDefenceList stack-based overflow7.2
- CVE-2025-14286Tenda AC9 Configuration File DownloadCfg.jpg information disclosure5.3
- CVE-2025-57639OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd ...6.5
- CVE-2025-57638Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.7.5
- CVE-2025-10443Tenda AC9/AC15 exeCommand formexeCommand buffer overflow8.8
- CVE-2025-10442Tenda AC9/AC15 exeCommand formexeCommand os command injection6.3
- CVE-2025-9731Tenda AC9 Administrative shadow hard-coded credentials2.5
- CVE-2025-5900Tenda AC9 cross-site request forgery4.3
- CVE-2025-5847Tenda AC9 HTTP POST Request SetRemoteWebCfg formSetSafeWanWebMan stack-based overflow8.8
- CVE-2025-5839Tenda AC9 POST Request AdvSetLanip fromadvsetlanip buffer overflow8.8
- CVE-2025-5836Tenda AC9 POST Request SetIPTVCfg formSetIptv command injection6.3
- CVE-2025-45042Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function.9.8
Product normalization is registry-driven with AI assist and human review. How it works