Filtered by vendor Tenda
Subscribe
Total
1485 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-5629 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-06-06 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg of the component HTTP Handler. The manipulation of the argument startIp/endIp leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-45481 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-06-05 | N/A | 9.8 CRITICAL |
| Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg. | |||||
| CVE-2025-44900 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-06-04 | N/A | 6.5 MEDIUM |
| In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads to stack overflow. | |||||
| CVE-2025-44899 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-06-04 | N/A | 9.8 CRITICAL |
| There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasic function of the web url /goform/ WifiGuestSet, the manipulation of the parameter shareSpeed leads to stack overflow. | |||||
| CVE-2024-39963 | 1 Tenda | 4 Ax12, Ax12 Firmware, Ax9 and 1 more | 2025-06-04 | N/A | 8.0 HIGH |
| AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the macFilterType parameter at /goform/setMacFilterCfg. | |||||
| CVE-2023-51812 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList. | |||||
| CVE-2025-44172 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-06-03 | N/A | 6.5 MEDIUM |
| Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function. | |||||
| CVE-2025-45343 | 1 Tenda | 2 W18e, W18e Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the account module in the goform/setmodules route. | |||||
| CVE-2023-51971 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function getIptvInfo. | |||||
| CVE-2023-51964 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. | |||||
| CVE-2023-51956 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv | |||||
| CVE-2023-51954 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv. | |||||
| CVE-2023-50585 | 1 Tenda | 2 A18, A18 Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | |||||
| CVE-2023-49437 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. | |||||
| CVE-2023-49404 | 1 Tenda | 2 W30e, W30e Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet. | |||||
| CVE-2024-52274 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52273 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52272 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52275 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50. | |||||
| CVE-2025-3236 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-05-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects unknown code of the file /goform/VirSerDMZ of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||