Filtered by vendor Tenda
Subscriptions
Total
1485 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-10987 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-07-30 | 9.8 Critical |
| The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. | ||||
| CVE-2021-31755 | 1 Tenda | 2 Ac11, Ac11 Firmware | 2025-07-30 | 9.8 Critical |
| An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request. | ||||
| CVE-2025-51089 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 6.5 Medium |
| Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo.The manipulation of the argument `mac` leads to heap-based buffer overflow. | ||||
| CVE-2025-51088 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 5.3 Medium |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow. | ||||
| CVE-2025-51087 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 8.6 High |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow. | ||||
| CVE-2025-51085 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 5.3 Medium |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow. | ||||
| CVE-2025-51082 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 | 2025-07-28 | 5.3 Medium |
| Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_setting_wifi_set. The manipulation of the argument `timeZone` leads to stack-based buffer overflow. | ||||
| CVE-2025-7807 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. This issue affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7806 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7805 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7796 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7795 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7794 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7793 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7792 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7855 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely. | ||||
| CVE-2025-7854 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7853 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7914 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-07-23 | 8.8 High |
| A vulnerability has been found in Tenda AC6 15.03.06.50 and classified as critical. Affected by this vulnerability is the function setparentcontrolinfo of the component httpd. The manipulation leads to buffer overflow. The attack can be launched remotely. | ||||
| CVE-2025-7747 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2025-07-21 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. The manipulation of the argument PPW leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||