Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Tenda
Angry Yack Logo
Total 1690 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40855 1 Tenda 2 W20e, W20e Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters.
CVE-2022-40854 1 Tenda 2 Ac18, Ac18 Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set
CVE-2022-40851 1 Tenda 2 Ac15, Ac15 Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat.
CVE-2022-40105 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40104 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40103 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 5.5 MEDIUM
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40102 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40101 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40100 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the FormexeCommand function.
CVE-2022-40106 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the set_local_time function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40107 1 Tenda 2 I9, I9 Firmware 2025-05-22 N/A 7.5 HIGH
Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.
CVE-2022-40942 1 Tenda 2 Tx3, Tx3 Firmware 2025-05-21 N/A 9.8 CRITICAL
Tenda TX3 US_TX3V1.0br_V16.03.13.11 is vulnerable to stack overflow via compare_parentcontrol_time.
CVE-2024-24543 1 Tenda 2 Ac9, Ac9 Firmware 2025-05-15 N/A 9.8 CRITICAL
Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data.
CVE-2022-42080 1 Tenda 2 Ac1206, Ac1206 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter.
CVE-2022-42079 1 Tenda 2 Ac1206, Ac1206 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via the function formWifiBasicSet.
CVE-2022-42078 1 Tenda 2 Ac1206, Ac1206 Firmware 2025-05-15 N/A 6.5 MEDIUM
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.
CVE-2022-42077 1 Tenda 2 Ac1206, Ac1206 Firmware 2025-05-15 N/A 6.5 MEDIUM
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
CVE-2022-42087 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-05-15 N/A 6.5 MEDIUM
Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.
CVE-2022-42163 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-15 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromNatStaticSetting.
CVE-2022-42171 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-15 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo.
CVE-2022-42170 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-15 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.
CVE-2022-42169 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-15 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.
CVE-2022-42168 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-15 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind.
CVE-2022-42167 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-15 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetFirewallCfg.
CVE-2022-42164 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-15 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState.
CVE-2022-42086 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-05-15 N/A 6.5 MEDIUM
Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.
CVE-2022-42081 1 Tenda 2 Ac1206, Ac1206 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via sched_end_time parameter.
CVE-2022-41485 1 Tenda 3 Ac6, Ac6 Firmware, Ac6v2.0 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2022-41484 1 Tenda 2 Ap500, Ap500v1 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1900 AP500(US)_V1_180320(Beta) was discovered to contain a buffer overflow in the 0x32384 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2022-41483 1 Tenda 2 Ac6, Ac6v2.0 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x4a12cc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2022-41482 1 Tenda 2 Ac6, Ac6v2.0 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2022-41481 1 Tenda 2 Ac6, Ac6v2.0 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2022-41480 1 Tenda 2 Ac6, Ac6v2.0 Firmware 2025-05-15 N/A 7.5 HIGH
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x475dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-4368 1 Tenda 2 Ac8, Ac8 Firmware 2025-05-13 9.0 HIGH 8.8 HIGH
A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2022-42060 1 Tenda 2 W15e, W15e Firmware 2025-05-13 N/A 7.5 HIGH
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
CVE-2025-4298 1 Tenda 2 Ac1206, Ac1206 Firmware 2025-05-13 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4299 1 Tenda 2 Ac1206, Ac1206 Firmware 2025-05-13 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2022-42166 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-13 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetSpeedWan.
CVE-2022-42165 1 Tenda 2 Ac10, Ac10 Firmware 2025-05-13 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName.
CVE-2022-43260 1 Tenda 2 Ac18, Ac18 Firmware 2025-05-12 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.19(6318) was discovered to contain a stack overflow via the time parameter in the fromSetSysTime function.