Filtered by vendor Tenda
Subscriptions
Total
1579 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-2978 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-04-10 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda F1203 2.0.1.6. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258147. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2983 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-10 | 8.8 High |
| A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. Affected by this issue is the function formSetClientState of the file /goform/SetClientState. The manipulation of the argument deviceId/limitSpeed/limitSpeedUp leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258152. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-2987 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-10 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258156. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-30593 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function. | ||||
| CVE-2024-30584 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function. | ||||
| CVE-2024-30602 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function. | ||||
| CVE-2025-25634 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-04-10 | 6.5 Medium |
| A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src leads to stack-based buffer overflow. | ||||
| CVE-2022-47116 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-10 | 7.5 High |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform/SysToolChangePwd. | ||||
| CVE-2022-45995 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2025-04-10 | 9.8 Critical |
| There is an unauthorized buffer overflow vulnerability in Tenda AX12 v22.03.01.21 _ cn. This vulnerability can cause the web service not to restart or even execute arbitrary code. It is a different vulnerability from CVE-2022-2414. | ||||
| CVE-2024-30891 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-10 | 8.8 High |
| A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution. | ||||
| CVE-2024-33835 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function. | ||||
| CVE-2025-25676 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. | ||||
| CVE-2025-25678 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. | ||||
| CVE-2025-25679 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | 8 High |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. | ||||
| CVE-2025-25505 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-10 | 6.5 Medium |
| Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function. | ||||
| CVE-2025-25507 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-10 | 6.5 Medium |
| There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution. | ||||
| CVE-2025-25510 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-04-10 | 6.5 Medium |
| Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_parentControl_list_Info function. | ||||
| CVE-2025-1851 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-04-10 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-25632 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-04-09 | 9.8 Critical |
| Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform/telnet. | ||||
| CVE-2024-51116 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-09 | 8.8 High |
| Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'. | ||||