← Back

Tendacn

tendacn

146 CVEs • 48 products

Products (48)

Click to collapse
Toggle
G3 Firmware
g3_firmware
28 CVEs
Ac6 Firmware
ac6_firmware
27 CVEs
G1 Firmware
g1_firmware
23 CVEs
Ac10u Firmware
ac10u_firmware
23 CVEs
Ac15 Firmware
ac15_firmware
20 CVEs
Ac18 Firmware
ac18_firmware
18 CVEs
Ac9 Firmware
ac9_firmware
17 CVEs
Fh1201 Firmware
fh1201_firmware
15 CVEs
Ac10 Firmware
ac10_firmware
7 CVEs
Pa6 Firmware
pa6_firmware
4 CVEs
Ac23 Ac2100 Firmware
ac23_ac2100_firmware
4 CVEs
A301 Firmware
a301_firmware
4 CVEs
F1200 Firmware
f1200_firmware
2 CVEs
Fh1202 Firmware
fh1202_firmware
2 CVEs
F1202 Firmware
f1202_firmware
2 CVEs
Ac7 Firmware
ac7_firmware
2 CVEs
Ac9v1.0 Firmware
ac9v1.0_firmware
2 CVEs
Ac1200 Firmware
ac1200_firmware
2 CVEs
D152 Firmware
d152_firmware
1 CVE
Adsl Firmware
adsl_firmware
1 CVE
N301 Firmware
n301_firmware
1 CVE
G0 Firmware
g0_firmware
1 CVE
Cp3 Firmware
cp3_firmware
1 CVE
I29 Firmware
i29_firmware
1 CVE
F1200
f1200
0 CVEs
Fh1202
fh1202
0 CVEs
F1202
f1202
0 CVEs
Ac15
ac15
0 CVEs
Ac7
ac7
0 CVEs
Ac9
ac9
0 CVEs
Ac10
ac10
0 CVEs
Ac18
ac18
0 CVEs
D152
d152
0 CVEs
Adsl
adsl
0 CVEs
N301
n301
0 CVEs
Ac1200 Smart Dual Band Gigabit Wifi
ac1200_smart_dual-band_gigabit_wifi
0 CVEs
Ac6
ac6
0 CVEs
Pa6
pa6
0 CVEs
Ac1200
ac1200
0 CVEs
G0
g0
0 CVEs
G1
g1
0 CVEs
G3
g3
0 CVEs
Ac10u
ac10u
0 CVEs
Ac23 Ac2100
ac23_ac2100
0 CVEs
Cp3
cp3
0 CVEs
A301
a301
0 CVEs
I29
i29
0 CVEs
Fh1201
fh1201
0 CVEs

CVEs (146)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-41460
1Tendacn
1Fh1201 Firmware
Nov 21, 2024
Jul 24, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter at ip/goform/RouteStatic.
CVE-2024-41459
1Tendacn
1Fh1201 Firmware
Nov 21, 2024
Jul 24, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda FH1201 v1.2.0.14 was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter at ip/goform/QuickIndex.
CVE-2024-35338
1Tendacn
1I29 Firmware
Nov 21, 2024
Jul 16, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.
CVE-2024-33182
1Tendacn
1Ac18 Firmware
Nov 21, 2024
Jul 16, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter.
CVE-2024-33180
1Tendacn
1Ac18 Firmware
Nov 21, 2024
Jul 16, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.
CVE-2024-6403
1Tendacn
1A301 Firmware
Nov 21, 2024
Jun 28, 2024
7.1 HIGH· v4
9.8 CRITICAL· v3
6.8 MEDIUM· v2
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument...Show more
A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12. Affected by this issue is the function formWifiBasicSet of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269948. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-6402
1Tendacn
1A301 Firmware
Nov 21, 2024
Jun 28, 2024
7.1 HIGH· v4
9.8 CRITICAL· v3
6.8 MEDIUM· v2
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devN...Show more
A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269947. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-6189
1Tendacn
1A301 Firmware
Nov 21, 2024
Jun 20, 2024
8.7 HIGH· v4
8.8 HIGH· v3
9.0 HIGH· v2
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto lea...Show more
A vulnerability was found in Tenda A301 15.13.08.12. It has been classified as critical. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-24488
1Tendacn
1Cp3 Firmware
Jun 5, 2025
Feb 7, 2024
N/A· v4
5.5 MEDIUM· v3
N/A· v2
An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component.
CVE-2024-0932
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-base...Show more
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This issue affects the function setSmartPowerManagement. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252137 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0931
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulnerability affects the function saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-b...Show more
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. This vulnerability affects the function saveParentControlInfo. The manipulation of the argument deviceId/time/urls leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252136. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0930
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer ov...Show more
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49_multi_TDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252135. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0929
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buf...Show more
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been rated as critical. Affected by this issue is the function fromNatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252134 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0928
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to...Show more
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been declared as critical. Affected by this vulnerability is the function fromDhcpListClient. The manipulation of the argument page/listN leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252133 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0927
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-base...Show more
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01. It has been classified as critical. Affected is the function fromAddressNat. The manipulation of the argument entrys/mitInterface/page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252132. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0926
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. Th...Show more
A vulnerability was found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This issue affects the function formWifiWpsOOB. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252131. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0925
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buff...Show more
A vulnerability has been found in Tenda AC10U 15.03.06.49_multi_TDE01 and classified as critical. This vulnerability affects the function formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252130 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0923
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-...Show more
A vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this issue is the function formSetDeviceName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252128. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0922
1Tendacn
1Ac10u Firmware
Nov 21, 2024
Jan 26, 2024
N/A· v4
9.8 CRITICAL· v3
5.8 MEDIUM· v2
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this vulnerability is the function formQuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based...Show more
A vulnerability classified as critical was found in Tenda AC10U 15.03.06.49_multi_TDE01. Affected by this vulnerability is the function formQuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252127. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2024-0535
1Tendacn
1Pa6 Firmware
Nov 21, 2024
Jan 15, 2024
N/A· v4
9.8 CRITICAL· v3
9.0 HIGH· v2
A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName...Show more
A vulnerability classified as critical was found in Tenda PA6 1.0.1.21. Affected by this vulnerability is the function cgiPortMapAdd of the file /portmap of the component httpd. The manipulation of the argument groupName leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250705 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.Show less