VYPR

W15E

by Tenda

CVEs (26)

  • CVE-2026-36808HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

  • CVE-2026-36807HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formAddWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

  • CVE-2026-36806HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formModifyWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

  • CVE-2017-14515HigSep 17, 2017
    risk 0.49cvss 7.5epss 0.01

    Heap-based Buffer Overflow on Tenda W15E devices before 15.11.0.14 allows remote attackers to cause a denial of service (temporary HTTP outage and forced logout) via unspecified vectors.

  • CVE-2017-14514HigSep 17, 2017
    risk 0.49cvss 7.5epss 0.02

    Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL.

  • CVE-2026-30140Mar 9, 2026
    risk 0.00cvss epss 0.00

    An incorrect access control vulnerability exists in Tenda W15E V02.03.01.26_cn. An unauthenticated attacker can access the /cgi-bin/DownloadCfg/RouterCfm.jpg endpoint to download the configuration file containing plaintext administrator credentials, leading to sensitive…

Page 2 of 2