VYPR

Vendor CVEs

Tenda

All CVEs

2,034 total · sorted by risk
  • CVE-2025-3820Apr 19, 2025
    risk 0.00cvss epss 0.08

    A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The…

  • CVE-2025-3803Apr 19, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack…

  • CVE-2025-3802Apr 19, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can…

  • CVE-2025-3786Apr 18, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. This issue affects the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The…

  • CVE-2025-25454Apr 17, 2025
    risk 0.00cvss epss 0.00

    Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanSpeed2.

  • CVE-2025-25457Apr 17, 2025
    risk 0.00cvss epss 0.01

    Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via cloneType2.

  • CVE-2025-25455Apr 17, 2025
    risk 0.00cvss epss 0.00

    Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via wanMTU2.

  • CVE-2025-25458Apr 15, 2025
    risk 0.00cvss epss 0.00

    Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serverName2.

  • CVE-2025-25453Apr 15, 2025
    risk 0.00cvss epss 0.00

    Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serviceName2.

  • CVE-2025-25456Apr 15, 2025
    risk 0.00cvss epss 0.01

    Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via mac2.

  • CVE-2025-3328Apr 7, 2025
    risk 0.00cvss epss 0.05

    A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to…

  • CVE-2025-3259Apr 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be…

  • CVE-2025-3237Apr 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects some unknown processing of the file /goform/wrlwpsset. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been…

  • CVE-2025-3236Apr 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects unknown code of the file /goform/VirSerDMZ of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be…

  • CVE-2025-3203Apr 4, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be…

  • CVE-2025-3167Apr 3, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in Tenda AC23 16.03.07.52. This issue affects some unknown processing of the file /goform/VerAPIMant of the component API Interface. The manipulation of the argument getuid leads to denial of service. The…

  • CVE-2025-3161Apr 3, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely.…

  • CVE-2025-29462Apr 3, 2025
    risk 0.00cvss epss 0.00

    A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack.

  • CVE-2025-2996Mar 31, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. This issue affects some unknown processing of the file /goform/SysToolDDNS of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be…

  • CVE-2025-2995Mar 31, 2025
    risk 0.00cvss epss 0.01

    A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects unknown code of the file /goform/SysToolChangePwd of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be…

  • CVE-2025-2994Mar 31, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14(408). This affects an unknown part of the file /goform/qossetting of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to initiate the…

  • CVE-2025-2993Mar 31, 2025
    risk 0.00cvss epss 0.08

    A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). Affected by this issue is some unknown functionality of the file /default.cfg. The manipulation of the argument these leads to improper access controls. The attack may be launched…

  • CVE-2025-2992Mar 31, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vulnerability is an unknown functionality of the file /goform/AdvSetWrlsafeset of the component Web Management Interface. The manipulation leads to improper access controls. The…

  • CVE-2025-2991Mar 31, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to launch the…

  • CVE-2025-2990Mar 31, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects some unknown processing of the file /goform/AdvSetWrlGstset of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be…

  • CVE-2025-2989Mar 31, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects unknown code of the file /goform/AdvSetWrl of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be…

  • CVE-2025-28220Mar 28, 2025
    risk 0.00cvss epss 0.00

    Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request.

  • CVE-2025-28221Mar 28, 2025
    risk 0.00cvss epss 0.00

    Tenda W6_S v1.0.0.4_510 has a Buffer Overflow vulnerability in the set_local_time function, which allows remote attackers to cause web server crash via parameter time passed to the binary through a POST request.

  • CVE-2025-29135Mar 24, 2025
    risk 0.00cvss epss 0.01

    A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function.

  • CVE-2025-29100Mar 24, 2025
    risk 0.00cvss epss 0.01

    Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the parameter list.

  • CVE-2025-29217Mar 20, 2025
    risk 0.00cvss epss 0.01

    Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiSSID parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

  • CVE-2025-29101Mar 20, 2025
    risk 0.00cvss epss 0.00

    Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function.

  • CVE-2025-29218Mar 20, 2025
    risk 0.00cvss epss 0.00

    Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiPwd parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.

  • CVE-2025-29215Mar 20, 2025
    risk 0.00cvss epss 0.01

    Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_43fdcc function at /goform/SetNetControlList.

  • CVE-2025-29149Mar 20, 2025
    risk 0.00cvss epss 0.00

    Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.

  • CVE-2025-29121Mar 20, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow.

  • CVE-2025-29214Mar 20, 2025
    risk 0.00cvss epss 0.01

    Tenda AX12 v22.03.01.46_CN was discovered to contain a stack overflow via the sub_42F69C function at /goform/setMacFilterCfg.

  • CVE-2025-29118Mar 19, 2025
    risk 0.00cvss epss 0.00

    Tenda AC8 V16.03.34.06 was discovered to contain a stack overflow via the src parameter in the function sub_47D878.

  • CVE-2025-29137Mar 19, 2025
    risk 0.00cvss epss 0.01

    Tenda AC7 V1.0 V15.03.06.44 found a buffer overflow caused by the timeZone parameter in the form_fast_setting_wifi_set function, which can cause RCE.

  • CVE-2025-29385Mar 14, 2025
    risk 0.00cvss epss 0.01

    In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

  • CVE-2025-29386Mar 14, 2025
    risk 0.00cvss epss 0.01

    In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

  • CVE-2025-29387Mar 14, 2025
    risk 0.00cvss epss 0.01

    In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

  • CVE-2025-29031Mar 14, 2025
    risk 0.00cvss epss 0.00

    Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.

  • CVE-2025-29029Mar 14, 2025
    risk 0.00cvss epss 0.00

    Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.

  • CVE-2025-29030Mar 14, 2025
    risk 0.00cvss epss 0.00

    Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.

  • CVE-2025-29032Mar 14, 2025
    risk 0.00cvss epss 0.04

    Tenda AC9 v15.03.05.19(6318) was discovered to contain a buffer overflow via the formWifiWpsOOB function.

  • CVE-2025-29359Mar 13, 2025
    risk 0.00cvss epss 0.00

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the deviceId parameter at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

  • CVE-2025-29357Mar 13, 2025
    risk 0.00cvss epss 0.00

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the startIp and endIp parameters at /goform/SetPptpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

  • CVE-2025-29362Mar 13, 2025
    risk 0.00cvss epss 0.00

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/setPptpUserList. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

  • CVE-2025-29361Mar 13, 2025
    risk 0.00cvss epss 0.01

    Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the list parameter at /goform/SetVirtualServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Page 17 of 41