PT-2026-49292

Name of the Vulnerable Software and Affected Versions Tenda 5G03 version V05.03.02.04 Version 1.0 Description Command injection is possible in the action set volume function through the volume parameter. Recommendations At the moment, there is no information about a newer version that contains a...

CVE-2026-36770

Shenzhen Tenda Technology Co., Ltd Tenda USW3V1.0BR v1.0.0.3 was discovered to contain a stack overflow in the Go parameter of the asktoreboot function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

PT-2026-48175

Shenzhen Tenda Technology Co., Ltd Tenda US W3V1.0BR v1.0.0.3 was discovered to contain a stack overflow in the Go parameter of the ask to reboot function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

PT-2026-48204

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the formSetNetCheckTools function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36770

Shenzhen Tenda Technology Co., Ltd Tenda USW3V1.0BR v1.0.0.3 was discovered to contain a stack overflow in the Go parameter of the asktoreboot function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2026-36820

CVE-2026-36820 affects Shenzhen Tenda Technology Co., Ltd. Tenda W20E v15.11.0.6. A buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function is described, enabling a crafted HTTP request to trigger a Denial of Service (DoS). No exploitation details, affected v...

EUVD-2026-35077

A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The...

EUVD-2026-35028

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498

CVE-2026-11498 affects Tenda HG7HG9/HG10 devices (Web Management Interface) due to a stack-based buffer overflow in function asp_voip_OtherSet within the /boaform/voip_other_set module. The issue is triggered by manipulating the funckey_transfer parameter and can be exploited remotely over the ne...

EUVD-2026-35024

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etcro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level ...

PT-2026-47297

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-7080

A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...

EUVD-2026-25664

A flaw has been found in Tenda HG10 HG7HG9HG10re300001138enxpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the argument nextHop causes buffer overflow. It is possible to initiate the attack remotely. The exploit h...

CVE-2026-6988

A flaw has been found in Tenda HG10 HG7HG9HG10re300001138enxpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa Service. This manipulation of the argument nextHop causes buffer overflow. It is possible to initiate the attack remotely. The exploit h...

CVE-2026-5684

A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local...

CVE-2026-5527

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...

CVE-2026-5153

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-5155

A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component Parameter Handler. The manipulation of the argument wanmode results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been mad...

CVE-2026-5153 Tenda CH22 WriteFacMac FormWriteFacMac command injection

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...