← Back

Tenda

tenda

1,840 CVEs • 218 products

Products (218)

Click to collapse
Toggle
Ac6 Firmware
ac6_firmware
108 CVEs
Ac18 Firmware
ac18_firmware
103 CVEs
Ac9 Firmware
ac9_firmware
92 CVEs
Ac10 Firmware
ac10_firmware
92 CVEs
Ac15 Firmware
ac15_firmware
85 CVEs
Ac7 Firmware
ac7_firmware
68 CVEs
W30e Firmware
w30e_firmware
63 CVEs
Fh1202 Firmware
fh1202_firmware
63 CVEs
Ac8 Firmware
ac8_firmware
62 CVEs
Ax1806 Firmware
ax1806_firmware
61 CVEs
Ax1803 Firmware
ax1803_firmware
60 CVEs
Ax3 Firmware
ax3_firmware
53 CVEs
M3 Firmware
m3_firmware
45 CVEs
Ac1206 Firmware
ac1206_firmware
44 CVEs
Ac5 Firmware
ac5_firmware
40 CVEs
Fh1206 Firmware
fh1206_firmware
39 CVEs
Ch22 Firmware
ch22_firmware
39 CVEs
Fh1203 Firmware
fh1203_firmware
35 CVEs
F1203 Firmware
f1203_firmware
34 CVEs
W15e Firmware
w15e_firmware
31 CVEs
Ax12 Firmware
ax12_firmware
31 CVEs
F453 Firmware
f453_firmware
30 CVEs
Ac21 Firmware
ac21_firmware
29 CVEs
Fh1205 Firmware
fh1205_firmware
29 CVEs
Fh451 Firmware
fh451_firmware
28 CVEs
Ac23 Firmware
ac23_firmware
27 CVEs
Fh1201 Firmware
fh1201_firmware
25 CVEs
G3 Firmware
g3_firmware
24 CVEs
F1202 Firmware
f1202_firmware
24 CVEs
W20e Firmware
w20e_firmware
23 CVEs
A15 Firmware
a15_firmware
22 CVEs
F456 Firmware
f456_firmware
22 CVEs
Wh450 Firmware
wh450_firmware
21 CVEs
Ac20 Firmware
ac20_firmware
20 CVEs
I21 Firmware
i21_firmware
19 CVEs
W9 Firmware
w9_firmware
19 CVEs
Ac10u Firmware
ac10u_firmware
19 CVEs
I22 Firmware
i22_firmware
17 CVEs
Rx3 Firmware
rx3_firmware
17 CVEs
Ac500 Firmware
ac500_firmware
16 CVEs
O3 Firmware
o3_firmware
16 CVEs
F451 Firmware
f451_firmware
16 CVEs
W18e Firmware
w18e_firmware
15 CVEs
Tx3 Firmware
tx3_firmware
14 CVEs
4g300 Firmware
4g300_firmware
12 CVEs
I9 Firmware
i9_firmware
11 CVEs
A18 Firmware
a18_firmware
11 CVEs
Ax9 Firmware
ax9_firmware
11 CVEs
Rx2 Pro Firmware
rx2_pro_firmware
11 CVEs
F3 Firmware
f3_firmware
10 CVEs
W6 S Firmware
w6-s_firmware
10 CVEs
I29 Firmware
i29_firmware
10 CVEs
O3 Firmware1.0.0.10(2478)
o3_firmware1.0.0.10(2478)
10 CVEs
Ac11 Firmware
ac11_firmware
9 CVEs
Tx9 Pro Firmware
tx9_pro_firmware
9 CVEs
Rx9 Pro Firmware
rx9_pro_firmware
9 CVEs
I12 Firmware
i12_firmware
9 CVEs
W6 Firmware
w6_firmware
8 CVEs
W12 Firmware
w12_firmware
8 CVEs
I3 Firmware
i3_firmware
8 CVEs
Hg9 Firmware
hg9_firmware
7 CVEs
Cp3 Firmware
cp3_firmware
7 CVEs
I6 Firmware
i6_firmware
7 CVEs
W3 Firmware
w3_firmware
7 CVEs
Pw201a Firmware
pw201a_firmware
6 CVEs
I24 Firmware
i24_firmware
6 CVEs
A21 Firmware
a21_firmware
6 CVEs
Cx12l Firmware
cx12l_firmware
6 CVEs
G1 Firmware
g1_firmware
5 CVEs
Ac6v2.0 Firmware
ac6v2.0_firmware
5 CVEs
G103 Firmware
g103_firmware
5 CVEs
Pa202 Firmware
pa202_firmware
5 CVEs
Tx9 Firmware
tx9_firmware
4 CVEs
O6 Firmware
o6_firmware
4 CVEs
Hg10 Firmware
hg10_firmware
4 CVEs
Hg3 Firmware
hg3_firmware
4 CVEs
N301 Firmware
n301_firmware
3 CVEs
Ac10v4 Firmware
ac10v4_firmware
3 CVEs
N300 Firmware
n300_firmware
2 CVEs
O1 Firmware
o1_firmware
2 CVEs
Cp3 Pro Firmware
cp3_pro_firmware
2 CVEs
4g03 Pro Firmware
4g03_pro_firmware
2 CVEs
A5s Firmware
a5s_firmware
1 CVE
A5s
a5s
1 CVE
A32 Firmware
a32_firmware
1 CVE
A32
a32
1 CVE
N3 Wireless N150
n3_wireless_n150
1 CVE
Hg6 Firmware
hg6_firmware
1 CVE
Ap500v1 Firmware
ap500v1_firmware
1 CVE
11n Firmware
11n_firmware
1 CVE
Ac23
ac23
1 CVE
It7 Lcs Firmware
it7-lcs_firmware
1 CVE
It7 Pcs Firmware
it7-pcs_firmware
1 CVE
It7 Prs Firmware
it7-prs_firmware
1 CVE
Cp7 Firmware
cp7_firmware
1 CVE
Wh450a Firmware
wh450a_firmware
1 CVE
Ac19 Firmware
ac19_firmware
1 CVE
A301 Firmware
a301_firmware
1 CVE
Ax2 Pro Firmware
ax2_pro_firmware
1 CVE
O5 Firmware
o5_firmware
1 CVE

CVEs (1,840)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-2895
1Tenda
1Ac7 Firmware
Jan 22, 2025
Mar 26, 2024
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. This vulnerability affects the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to...Show more
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. This vulnerability affects the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257938 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2894
1Tenda
1Ac7 Firmware
Jan 22, 2025
Mar 26, 2024
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. This affects the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack...Show more
A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. This affects the function formSetQosBand of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257937 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2893
1Tenda
1Ac7 Firmware
Jan 22, 2025
Mar 26, 2024
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads...Show more
A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257936. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2892
1Tenda
1Ac7 Firmware
Jan 22, 2025
Mar 26, 2024
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads t...Show more
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257935. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2891
1Tenda
1Ac7 Firmware
Jan 22, 2025
Mar 26, 2024
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack...Show more
A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257934 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2856
1Tenda
1Ac10 Firmware
Nov 21, 2024
Mar 24, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the ar...Show more
A vulnerability, which was classified as critical, has been found in Tenda AC10 16.03.10.13/16.03.10.20. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257780. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2855
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 24, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Affected by this vulnerability is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the ar...Show more
A vulnerability classified as critical was found in Tenda AC15 15.03.05.18/15.03.05.19/15.03.20. Affected by this vulnerability is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257779. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2854
1Tenda
1Ac18 Firmware
Nov 21, 2024
Mar 24, 2024
N/A· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command inj...Show more
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257778 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2853
1Tenda
1Ac10u Firmware
Nov 21, 2024
Mar 24, 2024
N/A· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It has been rated as critical. This issue affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName...Show more
A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It has been rated as critical. This issue affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257777 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2852
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 24, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the a...Show more
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257776. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2851
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 24, 2024
N/A· v4
9.8 CRITICAL· v3
6.5 MEDIUM· v2
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName...Show more
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formSetSambaConf of the file /goform/setsambacfg. The manipulation of the argument usbName leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257775. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2850
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 24, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Affected by this issue is the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument url...Show more
A vulnerability was found in Tenda AC15 15.03.05.18 and classified as critical. Affected by this issue is the function saveParentControlInfo of the file /goform/saveParentControlInfo. The manipulation of the argument urls leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257774 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2817
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
6.5 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads t...Show more
A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257672. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2816
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
6.5 MEDIUM· v3
5.0 MEDIUM· v2
A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site requ...Show more
A vulnerability classified as problematic was found in Tenda AC15 15.03.05.18. Affected by this vulnerability is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2815
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the...Show more
A vulnerability classified as critical has been found in Tenda AC15 15.03.20_multi. Affected is the function R7WebsSecurityHandler of the file /goform/execCommand of the component Cookie Handler. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257670 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2814
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to...Show more
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been rated as critical. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257669 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2813
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of...Show more
A vulnerability was found in Tenda AC15 15.03.20_multi. It has been declared as critical. This vulnerability affects the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257668. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2812
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac lead...Show more
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as critical. This affects the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257667. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2811
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to...Show more
A vulnerability was found in Tenda AC15 15.03.20_multi and classified as critical. Affected by this issue is the function formWifiWpsStart of the file /goform/WifiWpsStart. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-2810
1Tenda
1Ac15 Firmware
Nov 21, 2024
Mar 22, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the ar...Show more
A vulnerability has been found in Tenda AC15 15.03.05.18/15.03.20_multi and classified as critical. Affected by this vulnerability is the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257665 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less