Filtered by vendor Tenda
Subscribe
Total
1353 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-5619 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-06-06 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-51955 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-06 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv. | |||||
| CVE-2025-5629 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-06-06 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg of the component HTTP Handler. The manipulation of the argument startIp/endIp leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-45481 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-06-05 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg. | |||||
| CVE-2025-44900 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-06-04 | N/A | 6.5 MEDIUM |
| In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads to stack overflow. | |||||
| CVE-2025-44899 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-06-04 | N/A | 9.8 CRITICAL |
| There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasic function of the web url /goform/ WifiGuestSet, the manipulation of the parameter shareSpeed leads to stack overflow. | |||||
| CVE-2024-39963 | 1 Tenda | 4 Ax12, Ax12 Firmware, Ax9 and 1 more | 2025-06-04 | N/A | 8.0 HIGH |
| AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the macFilterType parameter at /goform/setMacFilterCfg. | |||||
| CVE-2025-44172 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-06-03 | N/A | 6.5 MEDIUM |
| Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function. | |||||
| CVE-2025-45343 | 1 Tenda | 2 W18e, W18e Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the account module in the goform/setmodules route. | |||||
| CVE-2023-51971 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function getIptvInfo. | |||||
| CVE-2023-51964 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. | |||||
| CVE-2023-51956 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv | |||||
| CVE-2023-51954 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv. | |||||
| CVE-2023-50585 | 1 Tenda | 2 A18, A18 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | |||||
| CVE-2023-49437 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. | |||||
| CVE-2023-49404 | 1 Tenda | 2 W30e, W30e Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet. | |||||
| CVE-2024-52274 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52273 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52272 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52275 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50. | |||||