Filtered by vendor Tenda
Subscribe
Total
1328 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-30590 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | N/A | N/A |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function. | |||||
| CVE-2024-30594 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | N/A | N/A |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function. | |||||
| CVE-2024-30593 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | N/A | N/A |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function. | |||||
| CVE-2024-30596 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | N/A | N/A |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the formSetDeviceName function. | |||||
| CVE-2024-30595 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | N/A | N/A |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the addWifiMacFilter function. | |||||
| CVE-2024-42947 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2025-03-13 | N/A | 9.8 CRITICAL |
| An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows attackers to execute arbitrary commands via a crafted HTTP request. | |||||
| CVE-2024-2546 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-11 | N/A | 8.8 HIGH |
| A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-25231 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-10 | N/A | 9.8 CRITICAL |
| Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | |||||
| CVE-2023-25235 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-10 | N/A | 7.5 HIGH |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function formOneSsidCfgSet via parameter ssid. | |||||
| CVE-2023-25234 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-10 | N/A | 9.8 CRITICAL |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. | |||||
| CVE-2023-25233 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-10 | N/A | 9.8 CRITICAL |
| Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. | |||||
| CVE-2024-4236 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-03-06 | N/A | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda AX1803 1.0.0.1. This issue affects the function formSetSysToolDDNS of the file /goform/SetDDNSCfg. The manipulation of the argument serverName/ddnsUser/ddnsPwd/ddnsDomain leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262127. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-4020 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-06 | N/A | 8.8 HIGH |
| A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument entrys leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-3874 | 1 Tenda | 2 W20e, W20e Firmware | 2025-03-06 | N/A | 8.8 HIGH |
| A vulnerability was found in Tenda W20E 15.11.0.6. It has been declared as critical. This vulnerability affects the function formSetRemoteWebManage of the file /goform/SetRemoteWebManage. The manipulation of the argument remoteIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-260908. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-0848 | 1 Tenda | 2 A18, A18 Firmware | 2025-03-06 | N/A | 9.8 CRITICAL |
| A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-25343 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-05 | N/A | 9.8 CRITICAL |
| Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. | |||||
| CVE-2025-1899 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | N/A | 7.5 HIGH |
| A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1896 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | N/A | 7.5 HIGH |
| A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1897 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | N/A | 7.5 HIGH |
| A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1898 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-03-05 | N/A | 7.5 HIGH |
| A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||