Filtered by vendor Tenda Subscriptions
Total 1281 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-39963 1 Tenda 4 Ax12, Ax12 Firmware, Ax9 and 1 more 2025-06-04 8 High
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the macFilterType parameter at /goform/setMacFilterCfg.
CVE-2023-51812 1 Tenda 2 Ax3, Ax3 Firmware 2025-06-03 9.8 Critical
Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList.
CVE-2025-44172 1 Tenda 2 Ac6, Ac6 Firmware 2025-06-03 6.5 Medium
Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function.
CVE-2025-45343 1 Tenda 2 W18e, W18e Firmware 2025-06-03 9.8 Critical
An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the account module in the goform/setmodules route.
CVE-2023-51971 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-06-03 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function getIptvInfo.
CVE-2023-51964 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-06-03 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
CVE-2023-51956 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-06-03 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv
CVE-2023-51954 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-06-03 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.
CVE-2023-50585 1 Tenda 2 A18, A18 Firmware 2025-06-03 9.8 Critical
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.
CVE-2024-0531 1 Tenda 2 A15, A15 Firmware 2025-06-03 7.2 High
A vulnerability was found in Tenda A15 15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/setBlackRule of the component Web-based Management Interface. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250701 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0539 1 Tenda 2 W9, W9 Firmware 2025-06-03 8.8 High
A vulnerability was found in Tenda W9 1.0.0.7(4456) and classified as critical. This issue affects the function formQosManage_user of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250709 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0540 1 Tenda 2 W9, W9 Firmware 2025-06-03 6.3 Medium
A vulnerability was found in Tenda W9 1.0.0.7(4456). It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250710 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0995 1 Tenda 2 W6, W6 Firmware 2025-06-02 7.2 High
A vulnerability was found in Tenda W6 1.0.0.9(4122). It has been rated as critical. Affected by this issue is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252260. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-0993 1 Tenda 2 I6, I6 Firmware 2025-05-29 7.2 High
A vulnerability was found in Tenda i6 1.0.0.9(3857). It has been classified as critical. Affected is the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-252258 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-49437 1 Tenda 2 Ax12, Ax12 Firmware 2025-05-28 9.8 Critical
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList.
CVE-2023-49404 1 Tenda 2 W30e, W30e Firmware 2025-05-28 9.8 Critical
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.
CVE-2024-52274 1 Tenda 2 Ac6, Ac6 Firmware 2025-05-28 9.8 Critical
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
CVE-2024-52273 1 Tenda 2 Ac6, Ac6 Firmware 2025-05-28 9.8 Critical
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
CVE-2024-52272 1 Tenda 2 Ac6, Ac6 Firmware 2025-05-28 9.8 Critical
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
CVE-2024-52275 1 Tenda 2 Ac6, Ac6 Firmware 2025-05-28 9.8 Critical
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50.