Lucene search
K

28 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.9 views

PT-2026-48205

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the wewifiWhiteUserInfo parameter of the formAddWewifiWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-48179

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the param 1 parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.6AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Tenda W3 Wireless Router 安全漏洞

The Tenda W3 is a wireless access point device from the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from an stack overflow in the wlradio parameter within the formwrlSSIDset function, which could allow...

7.5CVSS5.5AI score0.00329EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 3:0 p.m.10 views

EUVD-2026-35084

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

9CVSS6.2AI score0.00466EPSS
Exploits0References6
NVD
NVD
added 2026/03/12 7:16 a.m.3 views

CVE-2026-4007

A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...

9CVSS0.00619EPSS
Exploits1References5
OSV
OSV
added 2025/12/30 4:15 p.m.3 views

CVE-2025-15255

A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing a manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has...

9.3CVSS6.5AI score0.03923EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/20 1:9 p.m.8 views

CVE-2025-24496

An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability...

7.5CVSS0.00342EPSS
Exploits0References1
CNVD
CNVD
added 2025/06/05 12:0 a.m.2 views

Information Disclosure Vulnerability in Tenda Wireless Router of Shenzhen Jixiang Tenda Technology Co.

Tenda Wireless Router is a brand of network equipment focused on providing stable, easy-to-use wireless router solutions. Shenzhen Jixiang Tenda Technology Co., Ltd Tenda Wireless Router suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...

6.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/09/30 12:0 a.m.8 views

PT-2024-9598 · Tenda · Tenda G3

Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0 v15.11.0.20 Description: The issue is related to the formSetUSBPartitionUmount function of the Tenda G3 wireless access point's firmware, which fails to neutralize special elements when processing the usbPartitionName...

8.8CVSS8.6AI score0.01642EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2024/09/26 12:0 a.m.4 views

The vulnerability of the formSetCfm function in the /goform/setcfm microprogramming software for the Tenda wireless access point allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formSetCfm function in the /goform/setcfm microprogramming system for the wireless access point Tenda is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause...

10CVSS8.4AI score0.01255EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2024/01/30 12:0 a.m.5 views

The vulnerability of the formwrlSSIDset() function in the httpd daemon of the wireless access point Tenda W6 allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formwrlSSIDset function in the httpd daemon of the microprogrammed wireless access points Tenda W6 is related to the operation that goes beyond the buffer in memory when processing the index parameter. Exploiting this vulnerability could allow an attacker to compromise th...

9CVSS7.5AI score0.01659EPSS
Exploits1References3
OSV
OSV
added 2023/12/07 6:15 p.m.6 views

CVE-2023-49406

Tenda W30E V16.01.0.124843 was discovered to contain a Command Execution vulnerability via the function /goform/telnet...

9.8CVSS5.9AI score0.01516EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/12/07 12:0 a.m.3 views

PT-2023-31452 · Tenda · Tenda W30E

Name of the Vulnerable Software and Affected Versions: Tenda W30E version 16.01.0.124843 Description: A stack overflow issue was discovered via the function formUpgradeMeshOnline. Recommendations: For Tenda W30E version 16.01.0.124843, consider disabling the formUpgradeMeshOnline function until a...

9.8CVSS9.6AI score0.00924EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/08/30 12:0 a.m.5 views

PT-2023-27972 · Tenda · Tenda Ac9

Name of the Vulnerable Software and Affected Versions: Tenda AC9 version V15.03.06.42 multi Description: A stack overflow issue was discovered, which occurs via the wpapsk crypto parameter at the "/goform/WifiExtraSet" API endpoint. Recommendations: For Tenda AC9 version V15.03.06.42 multi,...

9.8CVSS9.3AI score0.00701EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/04/07 12:0 a.m.5 views

Tenda AC5 缓冲区错误漏洞

Tenda AC5 is a wireless router from Tenda China. A security vulnerability exists in the Tenda AC5 USAC5V1.0RTLV15.03.06.28, which stems from a stack-based buffer overflow issue in the fromDhcpListClient function, which can be exploited by an attacker to cause a denial of service DoS or to execute...

9.8CVSS9.2AI score0.0087EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/11 12:0 a.m.4 views

PT-2022-22900 · Tenda · Tenda W6

Name of the Vulnerable Software and Affected Versions: Tenda W6 version 1.0.0.94122 Description: A command injection issue exists in the "/goform/exeCommand" API endpoint, allowing attackers to construct cmdinput parameters for arbitrary command execution. Recommendations: For Tenda W6 version...

9.8CVSS9.7AI score0.24952EPSS
Exploits1References3
OSV
OSV
added 2022/05/26 4:15 p.m.3 views

CVE-2022-30477

Tenda AC Series Router AC18V15.03.05.196318 was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request...

9.8CVSS7.8AI score0.01312EPSS
Exploits1References1
CNVD
CNVD
added 2021/03/17 12:0 a.m.4 views

Unauthorized Access Vulnerability in Tenda Wireless Routers

Shenzhen Jixiang Tengda Technology Co., Ltd. is a high-tech enterprise integrating independent research and development, production and sales of network equipment. Unauthorized access vulnerability exists in Tenda wireless router. Attackers can use the vulnerability to access the backend and obta...

6.8AI score
Exploits0
CNVD
CNVD
added 2019/04/28 12:0 a.m.3 views

Buffer Overflow Vulnerability in Multiple Tenda Products (CNVD-2019-13772)

The Tenda AC7, among others, is a wireless router from the Chinese company Tenda. A buffer overflow vulnerability exists in the web server httpd in the Tenda AC7 using firmware V15.03.06.44CN AC7 and earlier, the AC9 using firmware V15.03.05.196318CN AC9 and earlier, and the AC10 using firmware...

7.8CVSS7.5AI score0.0143EPSS
Exploits1References1
0day.today
0day.today
added 2018/07/24 12:0 a.m.55 views

Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router) Exploit

Exploit for hardware platform in category web applications Exploit Title: Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery Reboot Router Exploit Author: Nathu Nandwani Website: http://nandtech.co CVE: CVE-2015-5996 Description: The router is vulnerable to a cross-site request forge...

6.8CVSS8.7AI score0.01383EPSS
Exploits4
Rows per page
Query Builder