28 matches found
PT-2026-48205
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the wewifiWhiteUserInfo parameter of the formAddWewifiWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
PT-2026-48179
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the param 1 parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
Tenda W3 Wireless Router 安全漏洞
The Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from an stack overflow in the wlradio parameter within the formwrlSSIDset function, which could allow...
EUVD-2026-35084
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...
CVE-2026-4007
A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...
CVE-2025-15255
A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing a manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has...
CVE-2025-24496
An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability...
Information Disclosure Vulnerability in Tenda Wireless Router of Shenzhen Jixiang Tenda Technology Co.
Tenda Wireless Router is a brand of network equipment focused on providing stable, easy-to-use wireless router solutions. Shenzhen Jixiang Tenda Technology Co., Ltd Tenda Wireless Router suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...
PT-2024-9598 · Tenda · Tenda G3
Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0 v15.11.0.20 Description: The issue is related to the formSetUSBPartitionUmount function of the Tenda G3 wireless access point's firmware, which fails to neutralize special elements when processing the usbPartitionName...
The vulnerability of the formSetCfm function in the /goform/setcfm microprogramming software for the Tenda wireless access point allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the formSetCfm function in the /goform/setcfm microprogramming system for the wireless access point Tenda is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause...
The vulnerability of the formwrlSSIDset() function in the httpd daemon of the wireless access point Tenda W6 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the formwrlSSIDset function in the httpd daemon of the microprogrammed wireless access points Tenda W6 is related to the operation that goes beyond the buffer in memory when processing the index parameter. Exploiting this vulnerability could allow an attacker to compromise th...
CVE-2023-49406
Tenda W30E V16.01.0.124843 was discovered to contain a Command Execution vulnerability via the function /goform/telnet...
PT-2023-31452 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 16.01.0.124843 Description: A stack overflow issue was discovered via the function formUpgradeMeshOnline. Recommendations: For Tenda W30E version 16.01.0.124843, consider disabling the formUpgradeMeshOnline function until a...
PT-2023-27972 · Tenda · Tenda Ac9
Name of the Vulnerable Software and Affected Versions: Tenda AC9 version V15.03.06.42 multi Description: A stack overflow issue was discovered, which occurs via the wpapsk crypto parameter at the "/goform/WifiExtraSet" API endpoint. Recommendations: For Tenda AC9 version V15.03.06.42 multi,...
Tenda AC5 缓冲区错误漏洞
Tenda AC5 is a wireless router from Tenda China. A security vulnerability exists in the Tenda AC5 USAC5V1.0RTLV15.03.06.28, which stems from a stack-based buffer overflow issue in the fromDhcpListClient function, which can be exploited by an attacker to cause a denial of service DoS or to execute...
PT-2022-22900 · Tenda · Tenda W6
Name of the Vulnerable Software and Affected Versions: Tenda W6 version 1.0.0.94122 Description: A command injection issue exists in the "/goform/exeCommand" API endpoint, allowing attackers to construct cmdinput parameters for arbitrary command execution. Recommendations: For Tenda W6 version...
CVE-2022-30477
Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...
Unauthorized Access Vulnerability in Tenda Wireless Routers
Shenzhen Jixiang Tengda Technology Co., Ltd. is a high-tech enterprise integrating independent research and development, production and sales of network equipment. Unauthorized access vulnerability exists in Tenda wireless router. Attackers can use the vulnerability to access the backend and obta...
Buffer Overflow Vulnerability in Multiple Tenda Products (CNVD-2019-13772)
The Tenda AC7, among others, is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the web server httpd in the Tenda AC7 using firmware V15.03.06.44CN AC7 and earlier, the AC9 using firmware V15.03.05.196318CN AC9 and earlier, and the AC10 using firmware...
Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router) Exploit
Exploit for hardware platform in category web applications Exploit Title: Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery Reboot Router Exploit Author: Nathu Nandwani Website: http://nandtech.co CVE: CVE-2015-5996 Description: The router is vulnerable to a cross-site request forge...