Tenda

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-6964 1Tenda 1O3 Firmware1.0.0.10(2478) Nov 21, 2024 Jul 22, 2024 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability, which was classified as critical, was found in Tenda O3 1.0.0.10. Affected is the function fromDhcpSetSer. The manipulation of the argument dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway leads to stack-...Show more A vulnerability, which was classified as critical, was found in Tenda O3 1.0.0.10. Affected is the function fromDhcpSetSer. The manipulation of the argument dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-272118 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-6963 1Tenda 1O3 Firmware1.0.0.10(2478) Nov 21, 2024 Jul 22, 2024 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10. This issue affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The...Show more A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10. This issue affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272117 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-6962 1Tenda 1O3 Firmware1.0.0.10(2478) Nov 21, 2024 Jul 22, 2024 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buf...Show more A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vulnerability affects the function formQosSet. The manipulation of the argument remark/ipRange/upSpeed/downSpeed/enable leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272116. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-41492 1Tenda 1Ax1806 Firmware Apr 7, 2025 Jul 19, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2024-39963 1Tenda 2Ax12 Firmware Ax9 Firmware Jun 4, 2025 Jul 19, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the...Show more AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01.46 were discovered to contain an authenticated remote command execution (RCE) vulnerability via the macFilterType parameter at /goform/setMacFilterCfg.Show less
CVE-2024-40515 1Tenda 1Ax2 Pro Firmware Jul 7, 2025 Jul 16, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote attacker to execute arbitrary code via the Routing functionality.
CVE-2024-40503 1Tenda 1Ax12 Firmware Jul 7, 2025 Jul 16, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling.
CVE-2024-33181 1Tenda 1Ac18 Firmware Apr 7, 2025 Jul 16, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceMac parameter at ip/goform/addWifiMacFilter.
CVE-2024-40416 1Tenda 1Ax1806 Firmware Nov 21, 2024 Jul 15, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.
CVE-2024-40415 1Tenda 1Ax1806 Firmware Nov 21, 2024 Jul 15, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.
CVE-2024-40414 1Tenda 1Ax1806 Firmware Nov 21, 2024 Jul 15, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.
CVE-2024-40417 1Tenda 1Ax1806 Firmware Apr 7, 2025 Jul 10, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow.
CVE-2024-40412 1Tenda 1Ax12 Firmware Jul 7, 2025 Jul 10, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 Tenda AX12 v1.0 v22.03.01.46 contains a stack overflow in the deviceList parameter of the sub_42E410 function.
CVE-2023-48194 1Tenda 1Ac8 Firmware Dec 8, 2025 Jul 9, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
CVE-2024-36604 1Tenda 1O3 Firmware Dec 13, 2024 Jun 4, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges.
CVE-2024-35340 1Tenda 1Fh1206 Firmware Apr 9, 2025 May 24, 2024 N/A· v4 8.6 HIGH· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand.
CVE-2024-35339 1Tenda 1Fh1206 Firmware Apr 9, 2025 May 24, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac.
CVE-2024-35580 1Tenda 1Ax1806 Firmware Mar 17, 2025 May 20, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.
CVE-2024-35579 1Tenda 1Ax1806 Firmware Mar 17, 2025 May 20, 2024 N/A· v4 7.7 HIGH· v3 N/A· v2 Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv.
CVE-2024-35578 1Tenda 1Ax1806 Firmware Mar 17, 2025 May 20, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv.

Previous 1...424344...92 Next