Filtered by vendor Tenda
Subscribe
Total
1179 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14558 | 1 Tenda | 6 Ac10, Ac10 Firmware, Ac7 and 3 more | 2025-03-20 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. | |||||
| CVE-2024-57579 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function. | |||||
| CVE-2023-40830 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length. | |||||
| CVE-2025-29386 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-29385 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-29384 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-29031 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. | |||||
| CVE-2025-29030 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | |||||
| CVE-2024-44552 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv. | |||||
| CVE-2024-57581 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. | |||||
| CVE-2024-57580 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | |||||
| CVE-2025-29029 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-18 | N/A | 9.8 CRITICAL |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function. | |||||
| CVE-2024-42952 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2025-03-18 | N/A | 7.5 HIGH |
| Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | |||||
| CVE-2025-29387 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-17 | N/A | 7.1 HIGH |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
| CVE-2025-25667 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info. | |||||
| CVE-2025-25668 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | N/A | 9.8 CRITICAL |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function. | |||||
| CVE-2024-32293 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.0 HIGH |
| Tenda W30E v1.0 V1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromDhcpListClient function. | |||||
| CVE-2024-32292 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 8.8 HIGH |
| Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. | |||||
| CVE-2024-32291 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 7.5 HIGH |
| Tenda W30E v1.0 firmware v1.0.1.25(633) has a stack overflow vulnerability via the page parameter in the fromNatlimit function. | |||||
| CVE-2024-32290 | 1 Tenda | 2 W30e, W30e Firmware | 2025-03-17 | N/A | 6.7 MEDIUM |
| Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function. | |||||