CVE-2025-11091

Summary: CVE-2025-11091 affects Tenda AC21 routers (firmware up to 16.03.08.16). The vulnerability is in the sscanf-based processing of /goform/SetStaticRouteCfg, where incorrect manipulation of the argument list leads to a buffer overflow. The issue can be exploited remotely and, according to th...

PT-2025-39754

Name of the Vulnerable Software and Affected Versions Tenda AC21 versions up to 16.03.08.16 Description A security issue exists in Tenda AC21 routers. A buffer overflow can be triggered remotely through manipulation of the argument list within the sscanf function located in the...

Tenda AC20 安全漏洞

Tenda AC20 is a dual-band wireless router with IPv6 protocol support, featuring a triple-core 1GHz main controller with six 6dBi external antennas and a maximum wireless transmission rate of 2033Mbps. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from a flaw in the...

Tenda RX3 安全漏洞

Tenda RX3 is a dual-band WiFi 6 home wireless router from Tenda China. It is used for home network coverage and supports high-speed wireless connection. A buffer overflow vulnerability exists in Tenda RX3 version 16.03.13.11multiTDE01, which originates from the parameter list in the file...

CVE-2022-25451

Tenda AC6 V15.03.05.09multi was discovered to contain a stack overflow via the list parameter in the setstaticroutecfg function...

CVE-2022-25435

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetStaticRoutecfg function...

CVE-2025-1896 Tenda TX3 SetStaticRouteCfg buffer overflow

A vulnerability classified as critical was found in Tenda TX3 16.03.13.11multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to th...

CVE-2024-11745 Tenda AC8 SetStaticRouteCfg route_static_check stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function routestaticcheck of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploi...

CVE-2024-11745 Tenda AC8 SetStaticRouteCfg route_static_check stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function routestaticcheck of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploi...

PT-2024-8867 · Tenda · Tenda Ac8

Name of the Vulnerable Software and Affected Versions: Tenda AC8 version 16.03.34.09 Description: A critical issue affects the route static check function of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to a stack-based buffer overflow. This issue can be exploit...

Tenda AC8 安全漏洞

The Tenda AC8 is a wireless router manufactured by Tenda for home and small business network connectivity. A stack overflow vulnerability exists in the Tenda AC8. The vulnerability originates in the parameter list of the routestaticcheck function in the /goform/SetStaticRouteCfg file and results ...

Tenda RX9 Pro/RX9 /goform/SetStaticRouteCfg Page Buffer Overflow Vulnerability

Both the Tenda RX9 Pro and the Tenda RX9 are a wireless router from the Chinese company Tenda. The Tenda RX9 Pro and Tenda RX9 suffer from a buffer overflow vulnerability that originates from the list parameter in the sub42EEE0 function on the /goform/SetStaticRouteCfg page that fails to correctl...

CVE-2024-10281

A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotel...

CVE-2024-10281 Tenda RX9/RX9 Pro SetStaticRouteCfg sub_42EEE0 stack-based overflow

A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotel...

CVE-2024-40415

A vulnerability in /goform/SetStaticRouteCfg in the sub519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow...

Tenda AX1806 安全漏洞

The Tenda AX1806 is a WiFi6 wireless router from Tenda, a Chinese company. A stack buffer overflow vulnerability exists in the Tenda AX1806 sub519F4 function, which originates when /goform/SetStaticRouteCfg fails to properly validate the length and size of the input data, and can be exploited by ...

CVE-2024-2898

A vulnerability classified as critical was found in Tenda AC7 15.03.06.44. Affected by this vulnerability is the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The...

CVE-2024-2709 Tenda AC10U SetStaticRouteCfg fromSetRouteStatic stack-based overflow

A vulnerability was found in Tenda AC10U 15.03.06.49. It has been classified as critical. Affected is the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

Tenda AC10 安全漏洞

Tenda AC10U is a wireless router from Tenda China. A buffer overflow vulnerability exists in Tenda AC10U version 15.03.06.49, which originates from the list parameter of the fromSetRouteStatic function in the /goform/SetStaticRouteCfg file that fails to correctly validate the length of the input...

CVE-2024-2581 Tenda AC10 SetStaticRouteCfg fromSetRouteStatic stack-based overflow

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function fromSetRouteStatic of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit h...