Filtered by vendor Tenda
Subscribe
Total
1690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24332 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-25 | N/A | 8.1 HIGH |
|
A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.
|
|||||
| CVE-2023-24333 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-03-25 | N/A | 8.8 HIGH |
|
A stack overflow vulnerability in Tenda AC21 with firmware version US_AC21V1.0re_V16.03.08.15_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/openSchedWifi.
|
|||||
| CVE-2023-24334 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-03-25 | N/A | 8.0 HIGH |
|
A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter.
|
|||||
| CVE-2024-30620 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-03-25 | N/A | 9.8 CRITICAL |
|
Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan.
|
|||||
| CVE-2024-57582 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-22 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function.
|
|||||
| CVE-2025-0349 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-22 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
|
|||||
| CVE-2024-57579 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function.
|
|||||
| CVE-2025-29386 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
|
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
|
|||||
| CVE-2025-29385 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
|
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
|
|||||
| CVE-2025-29384 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
|
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
|
|||||
| CVE-2025-29031 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
|
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
|
|||||
| CVE-2025-29030 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
|
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
|
|||||
| CVE-2024-44552 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
|
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
|
|||||
| CVE-2024-57581 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
|
|||||
| CVE-2024-57580 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
|
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
|
|||||
| CVE-2025-29029 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
|
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
|
|||||
| CVE-2024-42952 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2025-03-18 | N/A | 7.5 HIGH |
|
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2025-29387 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-17 | N/A | 7.1 HIGH |
|
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
|
|||||
| CVE-2025-25667 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
|
|||||
| CVE-2025-25668 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function.
|
|||||
| CVE-2024-32293 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.0 HIGH |
|
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromDhcpListClient function.
|
|||||
| CVE-2024-32292 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.8 HIGH |
|
Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter.
|
|||||
| CVE-2024-32291 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 7.5 HIGH |
|
Tenda W30E v1.0 firmware v1.0.1.25(633) has a stack overflow vulnerability via the page parameter in the fromNatlimit function.
|
|||||
| CVE-2024-32290 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 6.7 MEDIUM |
|
Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function.
|
|||||
| CVE-2024-32288 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 6.3 MEDIUM |
|
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromwebExcptypemanFilter function.
|
|||||
| CVE-2024-32287 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 6.5 MEDIUM |
|
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the qos parameter in the fromqossetting function.
|
|||||
| CVE-2024-32286 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability located via the page parameter in the fromVirtualSer function.
|
|||||
| CVE-2024-32285 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.0 HIGH |
|
Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the password parameter in the formaddUserName function.
|
|||||
| CVE-2025-25664 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.
|
|||||
| CVE-2025-25663 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.
|
|||||
| CVE-2024-32313 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-03-17 | N/A | 6.5 MEDIUM |
|
Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the adslPwd parameter of the formWanParameterSetting function.
|
|||||
| CVE-2024-32307 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-03-17 | N/A | 7.4 HIGH |
|
Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function.
|
|||||
| CVE-2024-57704 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 8.8 HIGH |
|
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow.
|
|||||
| CVE-2024-46652 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function.
|
|||||
| CVE-2024-57703 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
|
Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow.
|
|||||
| CVE-2024-32310 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-03-17 | N/A | 8.0 HIGH |
|
Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the PPW parameter of the fromWizardHandle function.
|
|||||
| CVE-2024-32312 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-03-17 | N/A | 5.7 MEDIUM |
|
Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the adslPwd parameter of the formWanParameterSetting function.
|
|||||
| CVE-2024-32283 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-17 | N/A | 7.3 HIGH |
|
Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function via the cmdinput parameter.
|
|||||
| CVE-2024-32311 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-17 | N/A | 6.5 MEDIUM |
|
Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function.
|
|||||
| CVE-2024-32299 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-17 | N/A | 8.8 HIGH |
|
Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function.
|
|||||