Filtered by vendor Tenda
Subscriptions
Total
1384 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0534 | 1 Tenda | 2 A15, A15 Firmware | 2025-06-17 | 7.2 High |
| A vulnerability classified as critical has been found in Tenda A15 15.13.07.13. Affected is an unknown function of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250704. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-5609 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5608 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formsetreboottimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5607 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-36587 | 1 Tenda | 2 G3, G3 Firmware | 2025-06-17 | 9.8 Critical |
| In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary. | ||||
| CVE-2025-6111 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6110 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14(408). This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6113 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. Affected is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-40830 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-06-17 | 9.8 Critical |
| Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | ||||
| CVE-2023-49427 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-06-16 | 7.5 High |
| Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service (DoS) via list parameter in SetNetControlList function. | ||||
| CVE-2023-51968 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-16 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function getIptvInfo. | ||||
| CVE-2023-51960 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-16 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv. | ||||
| CVE-2024-0992 | 1 Tenda | 2 I6, I6 Firmware | 2025-06-16 | 7.2 High |
| A vulnerability was found in Tenda i6 1.0.0.9(3857) and classified as critical. This issue affects the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252257 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-5900 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-06-16 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-50991 | 1 Tenda | 2 I29, I29 Firmware | 2025-06-13 | 7.5 High |
| Buffer Overflow vulnerability in Tenda i29 versions 1.0 V1.0.0.5 and 1.0 V1.0.0.2, allows remote attackers to cause a denial of service (DoS) via the pingIp parameter in the pingSet function. | ||||
| CVE-2024-0533 | 1 Tenda | 2 A15, A15 Firmware | 2025-06-13 | 7.2 High |
| A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250703. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-45779 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-06-13 | 9.8 Critical |
| Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter. | ||||
| CVE-2025-44175 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-06-13 | 5.4 Medium |
| Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function. | ||||
| CVE-2025-5606 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-06-10 | 6.3 Medium |
| A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetIptv of the file /goform/SetIPTVCfg. The manipulation of the argument list leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5685 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-06-10 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||