CVE-2026-4565

A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used...

CVE-2023-49437

Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList...

CVE-2022-38831

Tenda RX9Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList...

CVE-2025-9087

A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function setqosMiblist of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2025-9087

A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function setqosMiblist of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack...

CVE-2025-9087 Tenda AC20 SetNetControlList Endpoint set_qosMib_list stack-based overflow

A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function setqosMiblist of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack...

Tenda AC20 安全漏洞

The Tenda AC20 is a wireless router from the Chinese company Tenda. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from the failure of the parameter list of the setqosMiblist function in the /goform/SetNetControlList file to correctly validate the length of the input...

CVE-2022-38510

TendaTX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList...

Tenda RX9 Pro和Tenda RX9 安全漏洞

Both the Tenda RX9 Pro and the Tenda RX9 are a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda RX9 Pro and Tenda RX9, which originates from the list parameter in the sub4337EC function on the /goform/SetNetControlList page that fails to correctl...

PT-2024-2262 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A critical vulnerability is associated with the function formSetQosBand of the file /goform/SetNetControlList in the Tenda AC18 router's firmware. The issue arises from a stack-based buffer overflow...

CVE-2023-49427

Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service DoS via list parameter in SetNetControlList function...

PT-2024-14303 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A remote code execution issue was discovered via the list parameter at the "/goform/SetNetControlList" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, as a temporary workaround,...

Tenda AX3 安全漏洞

The Tenda Ax3 is an Ax1800 Gigabit Port Dual Band Wifi 6 Wireless Router from Tenda China. A code execution vulnerability exists in Tenda AX3 version v16.03.12.11, which stems from the list parameter in /goform/SetNetControlList failing to correctly filter the special elements of the constructed...

CVE-2023-49434

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetNetControlList...

CVE-2023-49436

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList...

PT-2023-31225 · Tenda · Tenda Ax9

Name of the Vulnerable Software and Affected Versions: Tenda AX9 version V22.03.01.46 Description: A command injection issue has been discovered in the list parameter at the "/goform/SetNetControlList" API endpoint. This allows for potential command injection attacks. Recommendations: For Tenda A...

Tenda AC8 /goform/SetNetControlList Buffer Overflow Vulnerability

Tenda AC8 is a dual-band Gigabit wireless router from Tenda, designed for fiber optic homes up to 1000 megabytes, supporting dual-band concurrent transmission rates up to 1167Mbps, equipped with full Gigabit ports 1 WAN port + 3 LAN ports for 100-1000 megabit broadband access. Tenda AC8 suffers...

CVE-2023-40900

Tenda AC8 v4 USAC8V4.0siV16.03.34.06cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList...

CVE-2023-34569

Tenda AC10 v4 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList...

Tenda AC10 缓冲区错误漏洞

Tenda AC10 is a wireless router from Tenda China. A security vulnerability exists in the Tenda AC10 v4 USAC10V4.0siV16.03.10.13cn version, which stems from a discovery via the list parameter of /goform/SetNetControlList contains a stack overflow issue...