Filtered by vendor Tenda
Subscribe
Total
1705 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-3768 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-09 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-3802 | 1 Tenda | 2 I3, I3 Firmware | 2026-03-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-3803 | 1 Tenda | 2 I3, I3 Firmware | 2026-03-09 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-3804 | 1 Tenda | 2 I3, I3 Firmware | 2026-03-09 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-24105 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-06 | N/A | 9.8 CRITICAL |
| An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18_multi. The value of `v1` was not checked, potentially leading to a command injection vulnerability if injected into doSystemCmd. | |||||
| CVE-2025-70252 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-03-06 | N/A | 7.5 HIGH |
| An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23_multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability. | |||||
| CVE-2026-24103 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-05 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability was discovered in goform/formSetMacFilterCfg in Tenda AC15V1.0 V15.03.05.18_multi. | |||||
| CVE-2026-25857 | 1 Tenda | 2 G300-f, G300-f Firmware | 2026-03-05 | N/A | 8.8 HIGH |
| Tenda G300-F router firmware version 16.01.14.2 and prior contain an OS command injection vulnerability in the WAN diagnostic functionality (formSetWanDiag). The implementation constructs a shell command that invokes curl and incorporates attacker-controlled input into the command line without adequate neutralization. As a result, a remote attacker with access to the affected management interface can inject additional shell syntax and execute arbitrary commands on the device with the privileges of the management process. | |||||
| CVE-2026-24113 | 1 Tenda | 2 W20e, W20e Firmware | 2026-03-05 | N/A | 9.8 CRITICAL |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and concatenated using `sprintf` without proper size validation, it could lead to a buffer overflow vulnerability. | |||||
| CVE-2026-24111 | 1 Tenda | 2 W20e, W20e Firmware | 2026-03-05 | N/A | 9.8 CRITICAL |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userInfo`. When `userInfo` is passed into the `addAuthUser` function and processed by `sscanf` without size validation, it could lead to buffer overflow. | |||||
| CVE-2026-24109 | 1 Tenda | 2 W20e, W20e Firmware | 2026-03-05 | N/A | 9.8 CRITICAL |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `picName`. When this value is used in `sprintf` without validating variable sizes, it could lead to a buffer overflow vulnerability. | |||||
| CVE-2025-69765 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2026-03-04 | N/A | 7.5 HIGH |
| Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution. | |||||
| CVE-2026-24115 | 1 Tenda | 2 W20e, W20e Firmware | 2026-03-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the sizes of `gstup` and `gstdwn` before concatenating them into `gstruleQos` may lead to buffer overflow. | |||||
| CVE-2026-24114 | 1 Tenda | 2 W20e, W20e Firmware | 2026-03-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate `pPortMapIndex` may lead to buffer overflows when using `strcpy`. | |||||
| CVE-2026-24112 | 1 Tenda | 2 W20e, W20e Firmware | 2026-03-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userInfo`. When `userInfo` is passed into the `addWewifiWhiteUser` function and processed by `sscanf` without size validation, it could lead to a buffer overflow vulnerability. | |||||
| CVE-2026-3400 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-03 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-24101 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-03 | N/A | 9.8 CRITICAL |
| An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a command injection vulnerability. | |||||
| CVE-2026-3376 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-03 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-3377 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-03 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. | |||||
| CVE-2026-3378 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-03 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | |||||