Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-5849 | 1 Tenda | 2 I12, I12 Firmware | 2026-04-30 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-5609 | 1 Tenda | 2 I12, I12 Firmware | 2026-04-30 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda i12 1.0.0.11(3862). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wl_radio causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. | |||||
| CVE-2026-4041 | 1 Tenda | 2 I12, I12 Firmware | 2026-04-02 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-4042 | 1 Tenda | 2 I12, I12 Firmware | 2026-04-02 | 9.0 HIGH | 8.8 HIGH |
| A weakness has been identified in Tenda i12 1.0.0.6(2204). The affected element is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. This manipulation of the argument index causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-4043 | 1 Tenda | 2 I12, I12 Firmware | 2026-04-02 | 9.0 HIGH | 8.8 HIGH |
| A security vulnerability has been detected in Tenda i12 1.0.0.6(2204). The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2025-25676 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | N/A | 9.8 CRITICAL |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. | |||||
| CVE-2025-25678 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | N/A | 9.8 CRITICAL |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. | |||||
| CVE-2025-25679 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | N/A | 8.0 HIGH |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. | |||||
| CVE-2025-29149 | 1 Tenda | 2 I12, I12 Firmware | 2025-03-27 | N/A | 7.5 HIGH |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function. | |||||