Filtered by vendor Tenda
Subscribe
Total
1325 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-3820 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3802 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-3803 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4007 | 1 Tenda | 4 I24, I24 Firmware, W12 and 1 more | 2025-07-30 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-51089 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 6.5 MEDIUM |
| Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo.The manipulation of the argument `mac` leads to heap-based buffer overflow. | |||||
| CVE-2025-51088 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 5.3 MEDIUM |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow. | |||||
| CVE-2025-51087 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 8.6 HIGH |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. | |||||
| CVE-2025-51085 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 5.3 MEDIUM |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow. | |||||
| CVE-2025-51082 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-07-28 | N/A | 5.3 MEDIUM |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_setting_wifi_set. The manipulation of the argument `timeZone` leads to stack-based buffer overflow. | |||||
| CVE-2025-7807 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7806 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7805 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7796 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7795 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7794 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7793 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7792 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7855 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. | |||||
| CVE-2025-7854 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-7853 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||