Filtered by vendor Tenda
Subscribe
Total
1441 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-57570 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS. | |||||
| CVE-2025-57571 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT. | |||||
| CVE-2025-57572 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl. | |||||
| CVE-2025-57573 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi. | |||||
| CVE-2025-57078 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacIndex parameter in the formModifyPppAuthWhiteMac function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57085 | 1 Tenda | 2 W30e, W30e Firmware | 2025-09-17 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57086 | 1 Tenda | 2 W30e, W30e Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the String parameter in the formDeleteMeshNode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57060 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57064 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57063 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57061 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57059 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57058 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57057 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-10120 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-09-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the function strcpy of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. | |||||
| CVE-2025-52054 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-09-09 | N/A | 5.3 MEDIUM |
| An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate with network services on the device. | |||||
| CVE-2025-55852 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-09-08 | N/A | 7.5 HIGH |
| Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the parameter security or security_5g. | |||||
| CVE-2025-9813 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument samba_userNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-9812 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2025-9731 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-09-04 | 1.0 LOW | 2.5 LOW |
| A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown function of the file /etc_ro/shadow of the component Administrative Interface. This manipulation causes hard-coded credentials. It is possible to launch the attack on the local host. The attack's complexity is rated as high. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized. | |||||