Filtered by vendor Tenda
Subscribe
Total
1705 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-15007 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 10.0 HIGH | 9.8 CRITICAL |
| A security vulnerability has been detected in Tenda WH450 1.0.0.18. Affected by this issue is some unknown functionality of the file /goform/L7Im of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-15180 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was identified in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/webExcptypemanFilte of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-15179 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was determined in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/qossetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-15178 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of the file /goform/VirtualSer of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used. | |||||
| CVE-2025-15177 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability has been found in Tenda WH450 1.0.0.18. This vulnerability affects unknown code of the file /goform/SetIpBind of the component HTTP Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-15163 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was identified in Tenda WH450 1.0.0.18. Affected by this issue is some unknown functionality of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-15160 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/PPTPServer. Such manipulation of the argument ip1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-15046 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-15045 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 10.0 HIGH | 9.8 CRITICAL |
| A flaw has been found in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/Natlimit of the component HTTP Request Handler. This manipulation of the argument page causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2025-15044 | 1 Tenda | 2 Wh450, Wh450 Firmware | 2025-12-30 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability was detected in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. | |||||
| CVE-2025-14654 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-12-19 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-14286 | 1 Tenda | 1 Ac9 Firmware | 2025-12-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was determined in Tenda AC9 15.03.05.14_multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-65804 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2025-12-11 | N/A | 6.5 MEDIUM |
| Tenda AX3 v16.03.12.11 contains a stack overflow in formSetIptv via the iptvType parameter, which can cause memory corruption and enable remote code execution (RCE). | |||||
| CVE-2023-40896 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind. | |||||
| CVE-2023-40899 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg. | |||||
| CVE-2023-39785 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 7.5 HIGH |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function. | |||||
| CVE-2023-39786 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 7.5 HIGH |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function. | |||||
| CVE-2023-40892 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi. | |||||
| CVE-2023-39784 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 7.5 HIGH |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function. | |||||
| CVE-2023-40893 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | N/A | 9.8 CRITICAL |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet. | |||||