Filtered by vendor Tenda
Subscribe
Total
1240 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-51116 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-09 | N/A | 8.8 HIGH |
| Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'. | |||||
| CVE-2024-44859 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2025-04-09 | N/A | 8.0 HIGH |
| Tenda FH1201 v1.2.0.14 has a stack buffer overflow vulnerability in `formWrlExtraGet`. | |||||
| CVE-2025-22949 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-04-09 | N/A | 9.8 CRITICAL |
| Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg, which may lead to remote arbitrary code execution. | |||||
| CVE-2025-22946 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-04-09 | N/A | 9.8 CRITICAL |
| Tenda ac9 v1.0 firmware v15.03.05.19 contains a stack overflow vulnerability in /goform/SetOnlineDevName, which may lead to remote arbitrary code execution. | |||||
| CVE-2024-57483 | 1 Tenda | 2 I24, I24 Firmware | 2025-04-09 | N/A | 9.8 CRITICAL |
| Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. | |||||
| CVE-2025-3161 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-04-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-32282 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-09 | N/A | 6.3 MEDIUM |
| Tenda FH1202 v1.2.0.14(408) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. | |||||
| CVE-2024-32302 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-09 | N/A | 6.3 MEDIUM |
| Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-32315 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-09 | N/A | 4.7 MEDIUM |
| Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | |||||
| CVE-2023-46060 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-04-09 | N/A | 7.5 HIGH |
| A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component. | |||||
| CVE-2024-32305 | 1 Tenda | 2 A18, A18 Firmware | 2025-04-09 | N/A | 8.8 HIGH |
| Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-35340 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-04-09 | N/A | 8.6 HIGH |
| Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand. | |||||
| CVE-2024-35339 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-04-09 | N/A | 9.8 CRITICAL |
| Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac. | |||||
| CVE-2024-30645 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-04-08 | N/A | 8.0 HIGH |
| Tenda AC15V1.0 V15.03.20_multi has a command injection vulnerability via the deviceName parameter. | |||||
| CVE-2024-30613 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-04-08 | N/A | 4.3 MEDIUM |
| Tenda AC15 v15.03.05.18 has a stack overflow vulnerability in the time parameter from the setSmartPowerManagement function. | |||||
| CVE-2025-2993 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). Affected by this issue is some unknown functionality of the file /default.cfg. The manipulation of the argument these leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3167 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-04-08 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in Tenda AC23 16.03.07.52. This issue affects some unknown processing of the file /goform/VerAPIMant of the component API Interface. The manipulation of the argument getuid leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3203 | 1 Tenda | 2 W18e, W18e Firmware | 2025-04-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2995 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects unknown code of the file /goform/SysToolChangePwd of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2996 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. This issue affects some unknown processing of the file /goform/SysToolDDNS of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||