Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2025-13288 Tenda CH22 PPTPUserSetting fromPptpUserSetting buffer overflow — CH22CWE-120 8.8 High2025-11-17
CVE-2025-13258 Tenda AC20 WifiExtraSet buffer overflow — AC20CWE-120 8.8 High2025-11-17
CVE-2025-12622 Tenda AC10 SysRunCmd formSysRunCmd buffer overflow — AC10CWE-120 8.8 High2025-11-03
CVE-2025-12619 Tenda A15 openNetworkGateway fromSetWirelessRepeat buffer overflow — A15CWE-120 8.8 High2025-11-03
CVE-2025-12618 Tenda AC8 DatabaseIniSet buffer overflow — AC8CWE-120 8.8 High2025-11-03
CVE-2025-12611 Tenda AC21 SetPptpServerCfg formSetPPTPServer buffer overflow — AC21CWE-120 8.8 High2025-11-03
CVE-2025-12596 Tenda AC23 saveParentControlInfo buffer overflow — AC23CWE-120 8.8 High2025-11-02
CVE-2025-12595 Tenda AC23 SetVirtualServerCfg formSetVirtualSer buffer overflow — AC23CWE-120 8.8 High2025-11-02
CVE-2025-12322 Tenda CH22 NatStaticSetting fromNatStaticSetting buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12274 Tenda CH22 P2pListFilter fromP2pListFilter buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12273 Tenda CH22 webExcptypemanFilter fromwebExcptypemanFilter buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12272 Tenda CH22 addressNat fromAddressNat buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12271 Tenda CH22 RouteStatic fromRouteStatic buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12265 Tenda CH22 VirtualSer fromVirtualSer buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12236 Tenda CH22 DhcpListClient fromDhcpListClient buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12235 Tenda CH22 SetIpBind fromSetIpBind buffer overflow — CH22CWE-120 8.0 High2025-10-27
CVE-2025-12234 Tenda CH22 SafeMacFilter fromSafeMacFilter buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12233 Tenda CH22 SafeUrlFilter fromSafeUrlFilter buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12232 Tenda CH22 SafeClientFilter fromSafeClientFilter buffer overflow — CH22CWE-120 8.8 High2025-10-27
CVE-2025-12225 Tenda AC6 HTTP Request WifiGuestSet stack-based overflow — AC6CWE-121 8.8 High2025-10-27
CVE-2025-12214 Tenda O3 sysAutoReboot GetValue stack-based overflow — O3CWE-121 8.8 High2025-10-27
CVE-2025-12213 Tenda O3 setVlanConfig GetValue stack-based overflow — O3CWE-121 8.8 High2025-10-27
CVE-2025-12212 Tenda O3 setNetworkService GetValue stack-based overflow — O3CWE-121 8.8 High2025-10-27
CVE-2025-12211 Tenda O3 setDmzInfo GetValue stack-based overflow — O3CWE-121 8.8 High2025-10-27
CVE-2025-12210 Tenda O3 AdvSetLanip GetValue stack-based overflow — O3CWE-121 8.8 High2025-10-27
CVE-2025-12209 Tenda O3 setDhcpConfig GetValue stack-based overflow — O3CWE-121 8.8 High2025-10-27
CVE-2025-11666 Tenda RP3 Pro Firmware Update force_upgrade.sh hard-coded password — RP3 ProCWE-259 6.7 Medium2025-10-13
CVE-2025-11586 Tenda AC7 setNotUpgrade stack-based overflow — AC7CWE-121 8.8 High2025-10-10
CVE-2025-11550 Tenda W12 HTTP Request modules wifiScheduledSet null pointer dereference — W12CWE-476 6.5 Medium2025-10-09
CVE-2025-11549 Tenda W12 HTTP Request modules wifiMacFilterSet stack-based overflow — W12CWE-121 8.8 High2025-10-09

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.