CVE-2026-6137

Tenda F451 affected: 1.0.0.7_cn_svn7958. A stack-based overflow in function fromAdvSetWan (/goform/AdvSetWan) is triggered by manipulating wanmode/PPPOEPassword, enabling remote exploitation. Public PoC/exploitation details exist; remediation guidance in PT-security entry recommends updating to a...

CVE-2026-6015

This CVE concerns the Tenda AC9 device (firmware version 15.03.02.13). The vulnerability affects the function formQuickIndex in the file /goform/QuickIndex of the POST Request Handler. The issue arises from manipulation of the PPPOEPassword argument, causing a stack-based buffer overflow. An atta...

Tenda AC6 安全漏洞

The Tenda AC6 is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC6 version 15.03.05.16. The vulnerability stems from the parameter PPPOEPassword in the file /goform/QuickIndex that fails to properly validate the length and size of the input data...

CVE-2026-4903

CVE-2026-4903 affects the Tenda AC5 (firmware 15.03.06.47). The vulnerability is in the POST /goform/QuickIndex handler function formQuickIndex, where manipulating the PPPOEPassword argument triggers a stack-based buffer overflow. The attack can be mounted remotely, with the exploit published and...

CVE-2026-3678

Technical details about CVE-2026-3678 are not provided in the connected documents. Monitor for updates.

PT-2024-29407 · Tenda · Tenda Fh1201

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 Description: A stack-based buffer overflow issue was discovered via the PPPOEPassword parameter at the "/ip/goform/QuickIndex" API endpoint. Recommendations: For Tenda FH1201 version 1.2.0.14, avoid using the...

PT-2024-2877 · Tenda · Tenda Ac500

Name of the Vulnerable Software and Affected Versions: Tenda AC500 version 2.0.1.91307 Description: A critical issue affects the formQuickIndex function of the /goform/QuickIndex file, leading to a stack-based buffer overflow when the PPPOEPassword argument is manipulated. This can be exploited...

Tenda F1202 formQuickIndex Method Buffer Overflow Vulnerability

The Tenda F1202 is an enterprise-grade dual-band wireless router that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1200Mbps, equipped with four 5dBi antennas to enhance signal coverage. The Tenda F1202 suffers from a buffer overflow vulnerability that stems from the...

Tenda FH1203 安全漏洞

Tenda FH1203 is a dual-band wireless router from Tenda China, mainly used for home network coverage. The Tenda FH1203 suffers from a buffer overflow vulnerability that originates from the PPPOEPassword parameter of the formQuickIndex method of the /goform/QuickIndex file that fails to correctly...

Tenda FH1202 安全漏洞

The Tenda FH1202 is a wireless router from Tenda China. A buffer overflow vulnerability exists in the Tenda FH1202 version 1.2.0.14408, which is caused by the PPPOEPassword parameter of the formQuickIndex method of the /goform/QuickIndex file failing to correctly validate the length of the input...