CVE-2022-45505

Tenda W30E V1.0.1.25633 was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand...

CVE-2022-25458

Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function...

Tenda AC6 Code Execution Vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. A code execution vulnerability exists in the Tenda AC6 that stems from the cmdinput parameter of the formexeCommand function failing to properly filter special elements of the constructed snippet. No details of the vulnerability a...

CVE-2025-25507

There is a RCE vulnerability in Tenda AC6 15.03.05.16multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution...

CVE-2025-25507

There is a RCE vulnerability in Tenda AC6 15.03.05.16multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution...

Tenda AC6 安全漏洞

The Tenda AC6 is a wireless router from the Chinese company Tenda. A code execution vulnerability exists in the Tenda AC6 that stems from the cmdinput parameter of the formexeCommand function failing to properly filter special elements of the constructed snippet. No details of the vulnerability a...

CVE-2025-25507

There is a RCE vulnerability in Tenda AC6 15.03.05.16multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution...

PT-2025-7567 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 V1.0 V15.03.06.23 Description: The issue is related to a command injection vulnerability located in the formexeCommand function. The str variable receives the cmdinput parameter from a POST request and is later assigned to the cmd...

PT-2025-7557 · Tenda · Tenda Ac6

Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 15.03.05.16 multi Description: The issue is related to a remote code execution RCE problem. In the formexeCommand function, the parameter cmdinput can cause remote command execution. Recommendations: For Tenda AC6 version...

VulnCheck KEV: CVE-2024-30891

A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which allows attackers to construct cmdinput parameters for arbitrary command execution...

CVE-2024-41468

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...

CVE-2024-41468

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...

CVE-2024-41468

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the cmdinput parameter at /goform/exeCommand...

Tenda O3 formexeCommand function buffer overflow vulnerability

Tenda O3 is an outdoor wireless bridge from Tenda, China. A security vulnerability exists in Tenda O3, which stems from the manipulation of the parameter cmdinput in the function formexeCommand can lead to a stack-based buffer overflow, which could allow remote launch of an attack. No detailed...

PT-2024-38002 · Tenda · Tenda O3

Name of the Vulnerable Software and Affected Versions: Tenda O3 version 1.0.0.10 Description: A critical issue has been found in the formexeCommand function, where the manipulation of the cmdinput argument leads to a stack-based buffer overflow. This issue can be exploited remotely. The vendor wa...

CVE-2024-35340

Tenda FH1206 V1.2.0.88155 was discovered to contain a command injection vulnerability via the cmdinput parameter at ip/goform/formexeCommand...

PT-2024-26441 · Tenda · Tenda Fh1206

Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version 1.2.0.88155 Description: A command injection issue was found, which can be exploited via the cmdinput parameter at the "ip/goform/formexeCommand" endpoint. Recommendations: For Tenda FH1206 version 1.2.0.88155, avoid usin...

Tenda FH1206 安全漏洞

The Tenda FH1206 is a wireless router from Tenda China. The Tenda FH1206 version 1.2.0.88155 suffers from a command execution vulnerability, which stems from the cmdinput parameter of ip/goform/formexeCommand failing to correctly filter constructed command special characters, commands, etc., whic...

VulnCheck KEV: CVE-2022-35555

A command injection vulnerability exists in /goform/exeCommand in Tenda W6 V1.0.0.94122, which allows attackers to construct cmdinput parameters for arbitrary command execution...

Tenda i21 formexeCommand function buffer overflow vulnerability

Tenda i21 is a wireless access point from Tenda China. A buffer overflow vulnerability exists in Tenda i21 version 1.0.0.144656, which originates from the parameter cmdinput of the function formexeCommand that fails to correctly validate the length of the input data, and can be exploited by a...