Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2025-10432 Tenda AC1206 HTTP Request AdvSetMacMtuWa check_param_changed stack-based overflow — AC1206CWE-121 9.8 Critical2025-09-15
CVE-2025-10120 Tenda AC20 GetParentControlInfo strcpy buffer overflow — AC20CWE-120 8.8 High2025-09-09
CVE-2025-9828 Tenda CP6 uhttp sub_2B7D04 risky encryption — CP6CWE-327 3.7 Low2025-09-02
CVE-2025-9813 Tenda CH22 SetSambaConf formSetSambaConf buffer overflow — CH22CWE-120 8.8 High2025-09-02
CVE-2025-9812 Tenda CH22 exeCommand formexeCommand buffer overflow — CH22CWE-120 8.8 High2025-09-02
CVE-2025-9806 Tenda F1202 Administrative shadow hard-coded credentials — F1202CWE-798 1.9 Low2025-09-02
CVE-2025-9791 Tenda AC20 fromAdvSetMacMtuWan stack-based overflow — AC20CWE-121 8.8 High2025-09-01
CVE-2025-9778 Tenda W12 Administrative shadow hard-coded credentials — W12CWE-798 1.9 Low2025-09-01
CVE-2025-9748 Tenda CH22 httpd IPSECsave fromIpsecitem stack-based overflow — CH22CWE-121 8.8 High2025-08-31
CVE-2025-9731 Tenda AC9 Administrative shadow hard-coded credentials — AC9CWE-798 2.5 Low2025-08-31
CVE-2025-9605 Tenda AC21/AC23 GetParentControlInfo stack-based overflow — AC21CWE-121 9.8 Critical2025-08-29
CVE-2025-9523 Tenda AC1206 GetParentControlInfo stack-based overflow — AC1206CWE-121 9.8 Critical2025-08-27
CVE-2025-9443 Tenda CH22 editUserName formeditUserName buffer overflow — CH22CWE-120 8.8 High2025-08-26
CVE-2025-9309 Tenda AC10 MD5 Hash shadow hard-coded credentials — AC10CWE-798 2.5 Low2025-08-21
CVE-2025-9299 Tenda M3 getMasterPassengerAnalyseData formGetMasterPassengerAnalyseData stack-based overflow — M3CWE-121 8.8 High2025-08-21
CVE-2025-9298 Tenda M3 QuickIndex formQuickIndex stack-based overflow — M3CWE-121 8.8 High2025-08-21
CVE-2025-9297 Tenda i22 wxportalauth formWeixinAuthInfoGet stack-based overflow — i22CWE-121 8.8 High2025-08-21
CVE-2025-31355 Tenda AC6 安全漏洞 — AC6 V5.0CWE-494 7.2 High2025-08-20
CVE-2025-24322 Tenda AC6 安全漏洞 — AC6 V5.0CWE-304 8.1 High2025-08-20
CVE-2025-24496 Tenda AC6 安全漏洞 — AC6 V5.0CWE-288 7.5 High2025-08-20
CVE-2025-27129 Tenda AC6 安全漏洞 — AC6 V5.0CWE-288 9.8 Critical2025-08-20
CVE-2025-30256 Tenda AC6 安全漏洞 — AC6 V5.0CWE-772 8.6 High2025-08-20
CVE-2025-32010 Tenda AC6 安全漏洞 — AC6 V5.0CWE-121 8.1 High2025-08-20
CVE-2025-9091 Tenda AC20 shadow hard-coded credentials — AC20CWE-798 2.5 Low2025-08-17
CVE-2025-9090 Tenda AC20 Telnet Service telnet websFormDefine command injection — AC20CWE-77 6.3 Medium2025-08-17
CVE-2025-9089 Tenda AC20 SetIpMacBind sub_48E628 stack-based overflow — AC20CWE-121 8.8 High2025-08-16
CVE-2025-9088 Tenda AC20 formSetVirtualSer save_virtualser_data stack-based overflow — AC20CWE-121 8.8 High2025-08-16
CVE-2025-9087 Tenda AC20 SetNetControlList Endpoint set_qosMib_list stack-based overflow — AC20CWE-121 8.8 High2025-08-16
CVE-2025-9046 Tenda AC20 setMacFilterCfg sub_46A2AC stack-based overflow — AC20CWE-121 8.8 High2025-08-15
CVE-2025-9023 Tenda AC7/AC18 SetLEDCfg formSetSchedLed buffer overflow — AC7CWE-120 8.8 High2025-08-15

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.