Vendor CVEs
Tenda
All CVEs
2,034 total · sorted by risk

| CVE | Risk | CVSS | EPSS | Published | Description | Vendor / Product | Sev | KEV |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-5798 | 0.00 | — | 0.01 | Jun 6, 2025 | A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeType leads to stack-based buffer overflow. It is possible to launch the attack… | |||
| CVE-2025-5795 | 0.00 | — | 0.01 | Jun 6, 2025 | A vulnerability, which was classified as critical, was found in Tenda AC5 1.0/15.03.06.47. This affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to initiate the attack… | |||
| CVE-2025-5794 | 0.00 | — | 0.01 | Jun 6, 2025 | A vulnerability, which was classified as critical, has been found in Tenda AC5 15.03.06.47. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be launched… | |||
| CVE-2025-5685 | 0.00 | — | 0.01 | Jun 5, 2025 | A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely.… | |||
| CVE-2025-5629 | 0.00 | — | 0.01 | Jun 5, 2025 | A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg of the component HTTP Handler. The manipulation of the argument startIp/endIp leads to buffer overflow.… | |||
| CVE-2025-5619 | 0.00 | — | 0.01 | Jun 4, 2025 | A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated… | |||
| CVE-2025-5609 | 0.00 | — | 0.01 | Jun 4, 2025 | A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be launched remotely. The… | |||
| CVE-2025-5608 | 0.00 | — | 0.01 | Jun 4, 2025 | A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formsetreboottimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to buffer overflow. It is possible to launch the attack… | |||
| CVE-2025-5607 | 0.00 | — | 0.01 | Jun 4, 2025 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The… | |||
| CVE-2025-5527 | 0.00 | — | 0.08 | Jun 3, 2025 | A vulnerability was found in Tenda RX3 16.03.13.11_multi_TDE01. It has been rated as critical. This issue affects the function save_staticroute_data of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may… | |||
| CVE-2025-44172 | 0.00 | — | 0.00 | Jun 2, 2025 | Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function. | |||
| CVE-2025-45343 | 0.00 | — | 0.01 | May 28, 2025 | An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the editing functionality of the account module in the goform/setmodules route. | |||
| CVE-2025-5080 | 0.00 | — | 0.01 | May 22, 2025 | A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack… | |||
| CVE-2025-4897 | 0.00 | — | 0.04 | May 18, 2025 | A vulnerability was found in Tenda A15 15.13.07.09/15.13.07.13. It has been classified as critical. This affects an unknown part of the file /goform/multimodalAdd of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to initiate… | |||
| CVE-2025-4896 | 0.00 | — | 0.01 | May 18, 2025 | A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/UserCongratulationsExec. The manipulation of the argument getuid leads to buffer overflow. The attack may be launched… | |||
| CVE-2025-4867 | 0.00 | — | 0.01 | May 18, 2025 | A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as problematic. Affected by this vulnerability is the function formArpNerworkSet of the file /goform/ArpNerworkSet. The manipulation leads to denial of service. The attack can be launched remotely. The… | |||
| CVE-2025-4810 | 0.00 | — | 0.01 | May 16, 2025 | A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-based buffer overflow. The… | |||
| CVE-2025-4809 | 0.00 | — | 0.01 | May 16, 2025 | A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function fromSafeSetMacFilter of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. It is possible to launch… | |||
| CVE-2025-44175 | 0.00 | — | 0.00 | May 12, 2025 | Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function. | |||
| CVE-2025-45779 | 0.00 | — | 0.05 | May 12, 2025 | Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter. | |||
| CVE-2025-44176 | 0.00 | — | 0.07 | May 12, 2025 | Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function. | |||
| CVE-2025-45513 | 0.00 | — | 0.00 | May 9, 2025 | Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function P2pListFilter. | |||
| CVE-2025-45514 | 0.00 | — | 0.00 | May 7, 2025 | Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function frmL7ImForm. | |||
| CVE-2025-4368 | 0.00 | — | 0.01 | May 6, 2025 | A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack… | |||
| CVE-2025-4356 | 0.00 | — | 0.01 | May 6, 2025 | A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow.… | |||
| CVE-2025-4355 | 0.00 | — | 0.01 | May 6, 2025 | A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has… | |||
| CVE-2025-4354 | 0.00 | — | 0.01 | May 6, 2025 | A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been… | |||
| CVE-2025-4299 | 0.00 | — | 0.01 | May 6, 2025 | A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been rated as critical. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been… | |||
| CVE-2025-44899 | 0.00 | — | 0.00 | May 6, 2025 | There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11. In the fromSetWifiGusetBasic function of the web url /goform/WifiGuestSet, the manipulation of the parameter shareSpeed leads to stack overflow. | |||
| CVE-2025-44900 | 0.00 | — | 0.00 | May 6, 2025 | In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads to stack overflow. | |||
| CVE-2025-4298 | 0.00 | — | 0.01 | May 5, 2025 | A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been… | |||
| CVE-2025-44865 | 0.00 | — | 0.01 | May 1, 2025 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||
| CVE-2025-44866 | 0.00 | — | 0.01 | May 1, 2025 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||
| CVE-2025-44864 | 0.00 | — | 0.01 | May 1, 2025 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||
| CVE-2025-44867 | 0.00 | — | 0.01 | May 1, 2025 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetNetCheckTools function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | |||
| CVE-2025-46631 | 0.00 | — | 0.05 | May 1, 2025 | Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS by sending a /goform/telnet web request. | |||
| CVE-2025-46635 | 0.00 | — | 0.00 | May 1, 2025 | An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is authenticated to the guest Wi-Fi) to access resources on the router and/or resources and… | |||
| CVE-2025-46629 | 0.00 | — | 0.01 | May 1, 2025 | Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to perform unauthorized configuration changes for any router where 'ate' has been enabled by sending a crafted UDP packet. | |||
| CVE-2025-46633 | 0.00 | — | 0.00 | May 1, 2025 | Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the symmetric AES key from collected and/or observed traffic. The AES key is sent in… | |||
| CVE-2025-46630 | 0.00 | — | 0.00 | May 1, 2025 | Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a /goform/ate web request. | |||
| CVE-2025-46626 | 0.00 | — | 0.00 | May 1, 2025 | Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic to the service. | |||
| CVE-2025-46634 | 0.00 | — | 0.00 | May 1, 2025 | Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting credentials from observed/collected traffic. It implements encryption,… | |||
| CVE-2025-46632 | 0.00 | — | 0.00 | May 1, 2025 | Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between client and server. | |||
| CVE-2025-46627 | 0.00 | — | 0.00 | May 1, 2025 | Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the root password based on easily-obtained device information. The password is based on the last two digits/octets of the MAC address. | |||
| CVE-2025-46628 | 0.00 | — | 0.02 | May 1, 2025 | Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending a crafted UDP packet to the 'ate' service when it is enabled. Authentication is not… | |||
| CVE-2025-46625 | 0.00 | — | 0.01 | May 1, 2025 | Lack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2 Pro 16.03.30.14 allows a remote attacker that is authorized to the web management portal to gain root shell access to the device by sending a crafted web request. This is persistent… | |||
| CVE-2025-4007 | 0.00 | — | 0.01 | Apr 28, 2025 | A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer… | |||
| CVE-2025-45427 | 0.00 | — | 0.01 | Apr 23, 2025 | In Tenda AC9 v1.0 with firmware V15.03.05.14_multi, the security parameter of /goform/WifiBasicSet has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||
| CVE-2025-45428 | 0.00 | — | 0.01 | Apr 23, 2025 | In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||
| CVE-2025-45429 | 0.00 | — | 0.01 | Apr 23, 2025 | In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution. |