Filtered by vendor Tenda
Subscribe
Total
1690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-48194 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 9.8 CRITICAL |
|
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
|
|||||
| CVE-2025-61498 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-12-08 | N/A | 7.5 HIGH |
|
A buffer overflow in the UPnP service of Tenda AC8 Hardware v03.03.10.01 allows attackers to cause a Denial of Service (DoS) via supplying a crafted packet.
|
|||||
| CVE-2025-63834 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-12-01 | N/A | 5.4 MEDIUM |
|
A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage.
|
|||||
| CVE-2025-13446 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-21 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-65220 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-21 | N/A | 4.3 MEDIUM |
|
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow in: /goform/SetVirtualServerCfg via the list parameter.
|
|||||
| CVE-2025-65221 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-21 | N/A | 4.3 MEDIUM |
|
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the list parameter of /goform/setPptpUserList.
|
|||||
| CVE-2025-65222 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-21 | N/A | 4.3 MEDIUM |
|
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the rebootTime parameter of /goform/SetSysAutoRebbotCfg.
|
|||||
| CVE-2025-65223 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-21 | N/A | 4.3 MEDIUM |
|
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo.
|
|||||
| CVE-2025-65226 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-21 | N/A | 4.3 MEDIUM |
|
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveParentControlInfo.
|
|||||
| CVE-2025-13258 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.
|
|||||
| CVE-2025-13288 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-11-19 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in Tenda CH22 1.0.0.1. This impacts the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-63835 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-11-18 | N/A | 8.8 HIGH |
|
A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to denial of service (device crash) or potential remote code execution.
|
|||||
| CVE-2025-63457 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-11-18 | N/A | 7.5 HIGH |
|
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-63456 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-11-18 | N/A | 7.5 HIGH |
|
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-63147 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-11-18 | N/A | 7.5 HIGH |
|
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-63149 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-11-17 | N/A | 7.5 HIGH |
|
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-63455 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-11-17 | N/A | 7.5 HIGH |
|
Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-63152 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-11-17 | N/A | 7.5 HIGH |
|
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the wpapsk_crypto parameter of the wlSetExternParameter function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-63666 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-11-17 | N/A | 9.8 CRITICAL |
|
Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password hash to the client and uses a short, low-entropy suffix as the session identifier. An attacker with network access or the ability to run JS in a victim browser can steal the cookie and replay it to access protected resources.
|
|||||
| CVE-2021-31755 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2025-11-10 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
|
|||||
| CVE-2020-10987 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-11-07 | 10.0 HIGH | 9.8 CRITICAL |
|
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
|
|||||
| CVE-2018-14558 | 1 Tenda | 6 Ac10, Ac10 Firmware, Ac7 and 3 more | 2025-11-07 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input.
|
|||||
| CVE-2025-63454 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-11-05 | N/A | 7.5 HIGH |
|
Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow via the deviceId parameter in the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-63458 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-11-05 | N/A | 7.5 HIGH |
|
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
|
|||||
| CVE-2025-12611 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
|
|||||
| CVE-2025-12596 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
|
|||||
| CVE-2025-12622 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was determined in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function formSysRunCmd of the file /goform/SysRunCmd. This manipulation of the argument getui causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
|
|||||
| CVE-2025-12619 | 1 Tenda | 2 A15, A15 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was found in Tenda A15 15.13.07.13. Affected is the function fromSetWirelessRepeat of the file /goform/openNetworkGateway. The manipulation of the argument wpapsk_crypto2_4g results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.
|
|||||
| CVE-2025-12618 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-11-05 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2023-4498 | 1 Tenda | 2 N300, N300 Firmware | 2025-11-04 | N/A | 5.3 MEDIUM |
|
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only
|
|||||
| CVE-2025-31355 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-11-03 | N/A | 7.2 HIGH |
|
A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
|
|||||
| CVE-2025-32010 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-11-03 | N/A | 8.1 HIGH |
|
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
|
|||||
| CVE-2025-30256 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-11-03 | N/A | 8.6 HIGH |
|
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
|
|||||
| CVE-2025-27129 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-11-03 | N/A | 9.8 CRITICAL |
|
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.
|
|||||
| CVE-2025-24496 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-11-03 | N/A | 7.5 HIGH |
|
An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.
|
|||||
| CVE-2025-24322 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-11-03 | N/A | 8.1 HIGH |
|
An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability.
|
|||||
| CVE-2025-60341 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-28 | N/A | 7.5 HIGH |
|
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
|||||
| CVE-2025-60340 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-28 | N/A | 7.5 HIGH |
|
Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters.
|
|||||
| CVE-2025-12210 | 1 Tenda | 2 O3, O3 Firmware1.0.0.10\(2478\) | 2025-10-28 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
|
|||||
| CVE-2025-12213 | 1 Tenda | 2 O3, O3 Firmware1.0.0.10\(2478\) | 2025-10-28 | 9.0 HIGH | 8.8 HIGH |
|
A security vulnerability has been detected in Tenda O3 1.0.0.10(2478). This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
|
|||||