CVE-2025-9087

The CVE-2025-9087 vulnerability affects Tenda AC20 firmware 16.03.08.12, specifically the SetNetControlList component’s set_qosMib_list function in /goform/SetNetControlList. The issue arises from failure to validate the length of the input argument, causing a stack-based buffer overflow. This en...

The vulnerability of the /goform/SetNetControlList component in the Tenda TX3 router software allows a attacker to compromise the accessibility of protected information.

The vulnerability of the /goform/SetNetControlList component in the Tenda TX3 router software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the accessibility of protected information...

The vulnerability of the formSetQosBand function (/goform/SetNetControlList) in the Tenda AC10U V1.0 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetQosBand function /goform/SetNetControlList in the Tenda AC10U V1.0 router software is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

Tenda AX9 Security Vulnerability

Tenda AX9 is a Wi-Fi 6 router from Tenda, China. A security vulnerability exists in Tenda AX9 version V22.03.01.46, which was discovered to contain a command injection vulnerability via the "list" parameter of /goform/SetNetControlList...

CVE-2022-28082

Tenda AX12 v22.03.01.21CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList...

CVE-2022-28082

Tenda AX12 v22.03.01.21CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList...