Filtered by vendor Tenda
Subscribe
Total
1523 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-57569 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT. | |||||
| CVE-2025-57570 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS. | |||||
| CVE-2025-57571 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT. | |||||
| CVE-2025-57572 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl. | |||||
| CVE-2025-57573 | 1 Tenda | 2 F3, F3 Firmware | 2025-09-17 | N/A | 5.6 MEDIUM |
| Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi. | |||||
| CVE-2025-57078 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacIndex parameter in the formModifyPppAuthWhiteMac function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57085 | 1 Tenda | 2 W30e, W30e Firmware | 2025-09-17 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57086 | 1 Tenda | 2 W30e, W30e Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the String parameter in the formDeleteMeshNode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57060 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-17 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57064 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57063 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57061 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57059 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57058 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-57057 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | N/A | 7.5 HIGH |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
| CVE-2025-10120 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-09-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the function strcpy of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. | |||||
| CVE-2025-52054 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-09-09 | N/A | 5.3 MEDIUM |
| An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate with network services on the device. | |||||
| CVE-2025-55852 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-09-08 | N/A | 7.5 HIGH |
| Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the parameter security or security_5g. | |||||
| CVE-2025-9813 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument samba_userNameSda leads to buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | |||||
| CVE-2025-9812 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-04 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was determined in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. | |||||