Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2025-5609 Tenda AC18 AdvSetLanip fromadvsetlanip buffer overflow — AC18CWE-120 8.8 High2025-06-04
CVE-2025-5608 Tenda AC18 SetSysAutoRebbotCfg formsetreboottimer buffer overflow — AC18CWE-120 8.8 High2025-06-04
CVE-2025-5607 Tenda AC18 setPptpUserList formSetPPTPUserList buffer overflow — AC18CWE-120 8.8 High2025-06-04
CVE-2025-5606 Tenda AC18 SetIPTVCfg formSetIptv command injection — AC18CWE-77 6.3 Medium2025-06-04
CVE-2025-5527 Tenda RX3 SetStaticRouteCfg save_staticroute_data stack-based overflow — RX3CWE-121 8.8 High2025-06-03
CVE-2025-5080 Tenda FH451 webExcptypemanFilter stack-based overflow — FH451CWE-121 8.8 High2025-05-22
CVE-2025-4897 Tenda A15 HTTP POST Request multimodalAdd buffer overflow — A15CWE-120 8.8 High2025-05-18
CVE-2025-4896 Tenda AC10 UserCongratulationsExec buffer overflow — AC10CWE-120 8.8 High2025-05-18
CVE-2025-4867 Tenda A15 ArpNerworkSet formArpNerworkSet denial of service — A15CWE-404 6.5 Medium2025-05-18
CVE-2025-4810 Tenda AC7 SetRebootTimer formSetRebootTimer stack-based overflow — AC7CWE-121 8.8 High2025-05-16
CVE-2025-4809 Tenda AC7 setMacFilterCfg fromSafeSetMacFilter stack-based overflow — AC7CWE-121 8.8 High2025-05-16
CVE-2025-4368 Tenda AC8 MtuSetMacWan formGetRouterStatus buffer overflow — AC8CWE-120 8.8 High2025-05-06
CVE-2025-4357 Tenda RX3 telnet command injection — RX3CWE-77 4.7 Medium2025-05-06
CVE-2025-4356 Tenda DAP-1520 Authentication storage mod_graph_auth_uri_handler stack-based overflow — DAP-1520CWE-121 8.8 High2025-05-06
CVE-2025-4355 Tenda DAP-1520 api set_ws_action heap-based overflow — DAP-1520CWE-122 8.8 High2025-05-06
CVE-2025-4354 Tenda DAP-1520 storage check_dws_cookie stack-based overflow — DAP-1520CWE-121 8.8 High2025-05-06
CVE-2025-4299 Tenda AC1206 openSchedWifi setSchedWifi buffer overflow — AC1206CWE-120 8.8 High2025-05-06
CVE-2025-4298 Tenda AC1206 setcfm formSetCfm buffer overflow — AC1206CWE-120 8.8 High2025-05-05
CVE-2025-4007 Tenda W12/i24 httpd modules cgidhcpsCfgSet stack-based overflow — W12CWE-121 8.8 High2025-04-28
CVE-2025-3820 Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflow — W12CWE-121 8.8 High2025-04-19
CVE-2025-3803 Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflow — W12CWE-121 8.8 High2025-04-19
CVE-2025-3802 Tenda W12/i24 httpd cgiPingSet stack-based overflow — W12CWE-121 8.8 High2025-04-19
CVE-2025-3786 Tenda AC15 WifiExtraSet fromSetWirelessRepeat buffer overflow — AC15CWE-120 8.8 High2025-04-18
CVE-2025-3693 Tenda W12 httpd cgiWifiRadioSet stack-based overflow — W12CWE-121 8.8 High2025-04-16
CVE-2025-3346 Tenda AC7 SetPptpServerCfg formSetPPTPServer buffer overflow — AC7CWE-120 8.8 High2025-04-07
CVE-2025-3328 Tenda AC1206 fast_setting_wifi_set form_fast_setting_wifi_set buffer overflow — AC1206CWE-120 8.8 High2025-04-07
CVE-2025-3259 Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflow — RX3CWE-121 8.8 High2025-04-04
CVE-2025-3237 Tenda FH1202 wrlwpsset access control — FH1202CWE-284 5.3 Medium2025-04-04
CVE-2025-3236 Tenda FH1202 Web Management Interface VirSerDMZ access control — FH1202CWE-284 5.3 Medium2025-04-04
CVE-2025-3203 Tenda W18E setModules formSetAccountList stack-based overflow — W18ECWE-121 4.3 Medium2025-04-04

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.