Filtered by vendor Tenda
Subscriptions
Total
1198 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29215 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-03-25 | 6.5 Medium |
| Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList. | ||||
| CVE-2025-29214 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-03-25 | 7.5 High |
| Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg. | ||||
| CVE-2025-29101 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-25 | 7.5 High |
| Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function. | ||||
| CVE-2024-42978 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-25 | 9.8 Critical |
| An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request. | ||||
| CVE-2023-24332 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-25 | 8.1 High |
| A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet. | ||||
| CVE-2023-24333 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2025-03-25 | 8.8 High |
| A stack overflow vulnerability in Tenda AC21 with firmware version US_AC21V1.0re_V16.03.08.15_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/openSchedWifi. | ||||
| CVE-2023-24334 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-03-25 | 8.0 High |
| A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter. | ||||
| CVE-2024-30620 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-03-25 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan. | ||||
| CVE-2024-30635 | 1 Tenda | 2 F1202, F1202 Firmware | 2025-03-25 | 9.8 Critical |
| Tenda F1202 v1.2.0.20(408) has a stack overflow vulnerability located in the funcpara1 parameter in the formSetCfm function. | ||||
| CVE-2023-0782 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-03-24 | 7.2 High |
| A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220640. | ||||
| CVE-2024-57582 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-22 | 9.8 Critical |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function. | ||||
| CVE-2025-0349 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-22 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2018-14558 | 1 Tenda | 6 Ac10, Ac10 Firmware, Ac7 and 3 more | 2025-03-20 | 9.8 Critical |
| An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. | ||||
| CVE-2024-57579 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-19 | 9.8 Critical |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function. | ||||
| CVE-2023-40830 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | 9.8 Critical |
| Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | ||||
| CVE-2025-29386 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | 9.8 Critical |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | ||||
| CVE-2025-29385 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | 9.8 Critical |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | ||||
| CVE-2025-29384 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | 9.8 Critical |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | ||||
| CVE-2025-29031 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | 9.8 Critical |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. | ||||
| CVE-2025-29030 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | 9.8 Critical |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | ||||