Filtered by vendor Tenda
Subscribe
Total
626 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46532 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-04-16 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter. | |||||
| CVE-2022-46531 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-04-16 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/addWifiMacFilter. | |||||
| CVE-2022-47116 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-10 | N/A | 7.5 HIGH |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform/SysToolChangePwd. | |||||
| CVE-2024-30891 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-10 | N/A | 8.8 HIGH |
| A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution. | |||||
| CVE-2025-25679 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | N/A | 8.0 HIGH |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. | |||||
| CVE-2025-1851 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-04-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-51116 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-09 | N/A | 8.8 HIGH |
| Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'. | |||||
| CVE-2024-44859 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2025-04-09 | N/A | 8.0 HIGH |
| Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`. | |||||
| CVE-2025-3161 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-04-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-46060 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-04-09 | N/A | 7.5 HIGH |
| A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component. | |||||
| CVE-2024-32305 | 1 Tenda | 2 A18, A18 Firmware | 2025-04-09 | N/A | 8.8 HIGH |
| Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-35340 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-04-09 | N/A | 8.6 HIGH |
| Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand. | |||||
| CVE-2024-30645 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-04-08 | N/A | 8.0 HIGH |
| Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the deviceName parameter. | |||||
| CVE-2024-52788 | 1 Tenda | 2 W9, W9 Firmware | 2025-04-07 | N/A | 8.0 HIGH |
| Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | |||||
| CVE-2024-52789 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-07 | N/A | 8.0 HIGH |
| Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root. | |||||
| CVE-2025-3259 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-04-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3328 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2025-04-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2024-33181 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-07 | N/A | 8.8 HIGH |
| Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter. | |||||
| CVE-2024-41492 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-04-07 | N/A | 7.5 HIGH |
| A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-41630 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-07 | N/A | 7.6 HIGH |
| Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid parameter at ip/goform/fast_setting_wifi_set. | |||||