CVE-2026-1637

The CVE-2026-1637 vulnerability affects Tenda AC21 model 16.03.08.16, specifically the function fromAdvSetMacMtuWan in the file /goform/AdvSetMacMtuWan. The issue is a stack-based buffer overflow caused by manipulation of that function, leading to remote code execution. The vulnerability is explo...

CVE-2025-71026

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-71027

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanMTU2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-71023

The CVE-2025-71023 vulnerability affects the Tenda AX-3 router (version 16.03.12.10_CN). A stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function is described, which can be exploited to cause a Denial of Service via a crafted request. Reports across multiple sources (NVD, RH, CN...

Tenda AX-3 安全漏洞

Tenda AX-3 is a home smart wireless router from Tenda that supports Wi-Fi6 802.11ax standard for home networking environment. The Tenda AX-3 suffers from a stack buffer overflow vulnerability, which stems from the wanMTU2 parameter in the fromAdvSetMacMtuWan function failing to correctly validate...

CVE-2025-71025

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-67074

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serverName to /goform/AdvSetMacMtuWan...

CVE-2025-67073

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serviceName to /goform/AdvSetMacMtuWan...

CVE-2025-60661

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the cloneType parameter in the fromAdvSetMacMtuWan function...

CVE-2025-60662

CVE-2025-60662 affects Tenda AC18 routers, where a stack overflow in the wanSpeed parameter of the fromAdvSetMacMtuWan function is reported. Multiple sources (CNVD-2025-24473, RH:CVE-2025-60662, NVD/NVD-derived entries) describe a stack buffer overflow leading to denial of service, with the devic...

PT-2025-40406

Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.19 Description The Tenda AC18 version 15.03.05.19 contains a stack overflow issue. This occurs through the cloneType parameter within the fromAdvSetMacMtuWan function. Recommendations At the moment, there is no...

CVE-2025-9791

A weakness has been identified in Tenda AC20 16.03.08.05. This vulnerability affects unknown code of the file /goform/fromAdvSetMacMtuWan. This manipulation of the argument wanMTU causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made availabl...

CVE-2025-9791

CVE-2025-9791 affects Tenda AC20 firmware 16.03.08.05. The vulnerability is a stack-based overflow in the /goform/fromAdvSetMacMtuWan path, triggered by manipulation of wanMTU, allowing remote code execution. Public PoC/exploit availability is indicated. Several connected feeds confirm the same r...

CVE-2025-25458

Tenda AC10 V4.0siV16.03.10.20 is vulnerable to Buffer Overflow in AdvSetMacMtuWan via serverName2...

Tenda AC10 安全漏洞

The Tenda AC10 is a high performance router designed with Gigabit ports for both WAN and LAN ports. The Tenda AC10 AdvSetMacMtuWan suffers from a buffer overflow vulnerability that can be exploited by an attacker to submit a special request and cause a denial of service attack...

CVE-2025-29386

In Tenda AC9 v1.0 V15.03.05.14multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution...

CVE-2022-32383

Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function...