Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2025-11528 Tenda AC7 saveAutoQos stack-based overflow — AC7CWE-121 8.8 High2025-10-09
CVE-2025-11527 Tenda AC7 fast_setting_pppoe_set stack-based overflow — AC7CWE-121 8.8 High2025-10-09
CVE-2025-11526 Tenda AC7 WifiMacFilterSet stack-based overflow — AC7CWE-121 8.8 High2025-10-09
CVE-2025-11525 Tenda AC7 SetUpnpCfg stack-based overflow — AC7CWE-121 8.8 High2025-10-09
CVE-2025-11524 Tenda AC7 SetDDNSCfg stack-based overflow — AC7CWE-121 8.8 High2025-10-09
CVE-2025-11523 Tenda AC7 AdvSetLanip command injection — AC7CWE-77 6.3 Medium2025-10-09
CVE-2025-11423 Tenda CH22 SafeEmailFilter formSafeEmailFilter memory corruption — CH22CWE-119 9.8 Critical2025-10-08
CVE-2025-11418 Tenda CH22 HTTP Request AdvSetWrlsafeset formWrlsafeset stack-based overflow — CH22CWE-121 9.8 Critical2025-10-08
CVE-2025-11389 Tenda AC15 saveAutoQos stack-based overflow — AC15CWE-121 8.8 High2025-10-07
CVE-2025-11388 Tenda AC15 setNotUpgrade stack-based overflow — AC15CWE-121 8.8 High2025-10-07
CVE-2025-11387 Tenda AC15 fast_setting_pppoe_set stack-based overflow — AC15CWE-121 8.8 High2025-10-07
CVE-2025-11386 Tenda AC15 POST Parameter SetDDNSCfg stack-based overflow — AC15CWE-121 8.8 High2025-10-07
CVE-2025-11385 Tenda AC20 fast_setting_wifi_set sscanf buffer overflow — AC20CWE-120 8.8 High2025-10-07
CVE-2025-11356 Tenda AC23 SetStaticRouteCfg sscanf buffer overflow — AC23CWE-120 8.8 High2025-10-07
CVE-2025-11328 Tenda AC18 SetDDNSCfg stack-based overflow — AC18CWE-121 8.8 High2025-10-06
CVE-2025-11327 Tenda AC18 SetUpnpCfg stack-based overflow — AC18CWE-121 8.8 High2025-10-06
CVE-2025-11326 Tenda AC18 WifiMacFilterSet stack-based overflow — AC18CWE-121 8.8 High2025-10-06
CVE-2025-11325 Tenda AC18 fast_setting_pppoe_set stack-based overflow — AC18CWE-121 8.8 High2025-10-06
CVE-2025-11324 Tenda AC18 setNotUpgrade stack-based overflow — AC18CWE-121 8.8 High2025-10-06
CVE-2025-11123 Tenda AC18 saveAutoQos stack-based overflow — AC18CWE-121 8.8 High2025-09-28
CVE-2025-11122 Tenda AC18 WizardHandle stack-based overflow — AC18CWE-121 8.8 High2025-09-28
CVE-2025-11121 Tenda AC18 AdvSetLanip command injection — AC18CWE-77 6.3 Medium2025-09-28
CVE-2025-11120 Tenda AC8 SetServerConfig formSetServerConfig buffer overflow — AC8CWE-120 8.8 High2025-09-28
CVE-2025-11117 Tenda CH22 GstDhcpSetSer formWrlExtraGet buffer overflow — CH22CWE-120 8.8 High2025-09-28
CVE-2025-11091 Tenda AC21 SetStaticRouteCfg sscanf buffer overflow — AC21CWE-120 8.8 High2025-09-28
CVE-2025-10838 Tenda AC21 WifiExtraSet sub_45BB10 buffer overflow — AC21CWE-120 8.8 High2025-09-23
CVE-2025-10815 Tenda AC20 HTTP POST Request SetPptpServerCfg strcpy buffer overflow — AC20CWE-120 8.8 High2025-09-22
CVE-2025-10803 Tenda AC23 HTTP POST Request SetPptpServerCfg sscanf buffer overflow — AC23CWE-120 8.8 High2025-09-22
CVE-2025-10443 Tenda AC9/AC15 exeCommand formexeCommand buffer overflow — AC9CWE-120 8.8 High2025-09-15
CVE-2025-10442 Tenda AC9/AC15 exeCommand formexeCommand os command injection — AC9CWE-78 6.3 Medium2025-09-15

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.