Filtered by vendor Tenda
Subscriptions
Total
1061 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27042 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-02-20 | 8.8 High |
| Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/SetFirewallCfg. | ||||
| CVE-2025-25343 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-02-19 | 9.8 Critical |
| Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. | ||||
| CVE-2024-0532 | 1 Tenda | 2 A15, A15 Firmware | 2025-02-16 | 7.2 High |
| A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function set_repeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapsk_crypto2_4g/wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2485 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-02-13 | 8.8 High |
| A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speed_dir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256892. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-26976 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-02-13 | 7.5 High |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | ||||
| CVE-2024-36604 | 1 Tenda | 2 O3, O3 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges. | ||||
| CVE-2024-35580 | 1 Tenda | 1 Ax1806 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv. | ||||
| CVE-2024-35579 | 1 Tenda | 1 Ax1806 Firmware | 2025-02-13 | 7.7 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv. | ||||
| CVE-2024-35578 | 1 Tenda | 1 Ax1806 Firmware | 2025-02-13 | 8 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv. | ||||
| CVE-2024-35576 | 1 Tenda | 1 Ax1806 Firmware | 2025-02-13 | 5.2 Medium |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv. | ||||
| CVE-2024-35571 | 1 Tenda | 1 Ax1806 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | ||||
| CVE-2024-34974 | 1 Tenda | 1 Ac18 | 2025-02-13 | 8.2 High |
| Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter. | ||||
| CVE-2024-34946 | 1 Tenda | 1 Fh1206 Firmware | 2025-02-13 | 6.5 Medium |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient. | ||||
| CVE-2024-34945 | 1 Tenda | 1 Fh1206 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPW parameter at ip/goform/WizardHandle. | ||||
| CVE-2024-34944 | 1 Tenda | 1 Fh1206 Firmware | 2025-02-13 | 8.8 High |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient. | ||||
| CVE-2024-34943 | 1 Tenda | 1 Fh1206 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting. | ||||
| CVE-2024-34942 | 1 Tenda | 1 Fh1206 Firmware | 2025-02-13 | 8.8 High |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand. | ||||
| CVE-2024-34338 | 1 Tenda | 1 O3v2 | 2025-02-13 | 7.2 High |
| Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to exploit this vulnerability. | ||||
| CVE-2023-25212 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25211 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||