CVE-2026-24110

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may send overly long addDhcpRules data. When these rules enter the addDhcpRule function and are processed by ret = sscanfpRule, " %d\t%^\t\t%^\n\r\t", &dhcpsIndex, dhcpsIP, dhcpsMac;, the lack of size validation for the rules could...

CVE-2026-24110

CVE-2026-24110 affects Tenda W20E V4.0br_V15.11.0.6. The issue arises in the addDhcpRule path where overly long addDhcpRules data is processed by sscanf without proper size validation, potentially causing buffer overflows in dhcpsIndex, dhcpsIP, and dhcpsMac. Public descriptions consistently cite...

CVE-2025-57059

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-57062

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-57064

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-57064

CVE-2025-57064 affects Tenda G3, specifically v3.0br_V15.11.0.17, which contains a stack overflow in the bindDhcpIndex parameter of the modifyDhcpRule function. The vulnerability can cause a Denial of Service (DoS) when a crafted request is sent. Exploitation details are not provided in the avail...

CVE-2022-40868

Tenda W20E router V15.11.0.6 USW20EV4.0brV15.11.0.610681546841CNTDC contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/...

CVE-2024-4165

A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.179502. Affected is the function modifyDhcpRule of the file /goform/modifyDhcpRule. The manipulation of the argument bindDhcpIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. T...

CVE-2024-4116

A vulnerability has been found in Tenda W15E 15.11.0.14 and classified as critical. Affected by this vulnerability is the function formDelDhcpRule of the file /goform/DelDhcpRule. The manipulation of the argument delDhcpIndex leads to stack-based buffer overflow. The attack can be launched...

CVE-2022-36585

In Tenda G3 USG3V3.0brV15.11.0.67663ENTDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf...

CVE-2021-45994

Tenda routers G1 and G3 v15.11.0.179502CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service DoS via the delDhcpIndex parameter...

CVE-2021-45994

Tenda routers G1 and G3 v15.11.0.179502CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service DoS via the delDhcpIndex parameter...