Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 745

Browse all 745 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E W12 AC23 FH1201 AC9 W9 O3 AC21 AC5 FH1205 M3 O3V2 AC1206 F1202
CVE IDTitleCVSSSeverityPublished
CVE-2025-15229 Tenda CH22 DhcpListClient fromDhcpListClient denial of service — CH22CWE-404 5.3 Medium2025-12-30
CVE-2025-15218 Tenda AC10U POST Request Parameter AdvSetLanip fromadvsetlanip buffer overflow — AC10UCWE-120 8.8 High2025-12-30
CVE-2025-15217 Tenda AC23 HTTP POST Request formSetPPTPUserList buffer overflow — AC23CWE-120 8.8 High2025-12-30
CVE-2025-15216 Tenda AC23 SetIpMacBind fromSetIpMacBind stack-based overflow — AC23CWE-121 8.8 High2025-12-30
CVE-2025-15215 Tenda AC10U HTTP POST Request setPptpUserList formSetPPTPUserList buffer overflow — AC10UCWE-120 8.8 High2025-12-30
CVE-2025-15180 Tenda WH450 HTTP Request webExcptypemanFilte stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15179 Tenda WH450 qossetting stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15178 Tenda WH450 HTTP Request VirtualSer stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15177 Tenda WH450 HTTP Request SetIpBind stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15164 Tenda WH450 SafeMacFilter stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15163 Tenda WH450 SafeEmailFilter stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15162 Tenda WH450 RouteStatic stack-based overflow — WH450CWE-121 7.2 High2025-12-28
CVE-2025-15161 Tenda WH450 PPTPUserSetting stack-based overflow — WH450CWE-121 7.2 High2025-12-28
CVE-2025-15160 Tenda WH450 PPTPServer stack-based overflow — WH450CWE-121 7.2 High2025-12-28
CVE-2025-15076 Tenda CH22 public path traversal — CH22CWE-22 7.3 High2025-12-25
CVE-2025-15048 Tenda WH450 HTTP Request CheckTools command injection — WH450CWE-77 7.3 High2025-12-23
CVE-2025-15047 Tenda WH450 HTTP Request PPTPDClient stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15046 Tenda WH450 HTTP Request PPTPClient stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15045 Tenda WH450 HTTP Request Natlimit stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15044 Tenda WH450 NatStaticSetting stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15010 Tenda WH450 SafeUrlFilter stack-based overflow — WH450CWE-121 9.8 Critical2025-12-22
CVE-2025-15008 Tenda WH450 HTTP Request L7Port stack-based overflow — WH450CWE-121 7.3 High2025-12-22
CVE-2025-15007 Tenda WH450 HTTP Request L7Im stack-based overflow — WH450CWE-121 9.8 Critical2025-12-22
CVE-2025-15006 Tenda WH450 HTTP Request CheckTools stack-based overflow — WH450CWE-121 9.8 Critical2025-12-22
CVE-2025-14995 Tenda FH1201 SetIpBind sprintf stack-based overflow — FH1201CWE-121 8.8 High2025-12-21
CVE-2025-14994 Tenda FH1201/FH1206 HTTP Request webtypelibrary strcat stack-based overflow — FH1201CWE-121 8.8 High2025-12-21
CVE-2025-14993 Tenda AC18 HTTP Request SetDlnaCfg sprintf stack-based overflow — AC18CWE-121 8.8 High2025-12-21
CVE-2025-14992 Tenda AC18 HTTP Request GetParentControlInfo strcpy stack-based overflow — AC18CWE-121 8.8 High2025-12-21
CVE-2025-14879 Tenda WH450 HTTP Request onSSIDChange stack-based overflow — WH450CWE-121 9.8 Critical2025-12-18
CVE-2025-14878 Tenda WH450 HTTP Request wirelessRestart stack-based overflow — WH450CWE-121 9.8 Critical2025-12-18

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.