Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2025-3167 Tenda AC23 API Interface VerAPIMant denial of service — AC23CWE-404 6.5 Medium2025-04-03
CVE-2025-3161 Tenda AC10 ShutdownSetAdd stack-based overflow — AC10CWE-121 8.8 High2025-04-03
CVE-2025-2996 Tenda FH1202 Web Management Interface SysToolDDNS access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-2995 Tenda FH1202 Web Management Interface SysToolChangePwd access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-2994 Tenda FH1202 Web Management Interface qossetting access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-2993 Tenda FH1202 default.cfg access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-2992 Tenda FH1202 Web Management Interface AdvSetWrlsafeset access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-2991 Tenda FH1202 Web Management Interface AdvSetWrlmacfilter access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-2990 Tenda FH1202 Web Management Interface AdvSetWrlGstset access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-2989 Tenda FH1202 Web Management Interface AdvSetWrl access control — FH1202CWE-284 5.3 Medium2025-03-31
CVE-2025-1899 Tenda TX3 setPptpUserList buffer overflow — TX3CWE-120 6.5 Medium2025-03-04
CVE-2025-1898 Tenda TX3 openSchedWifi buffer overflow — TX3CWE-120 6.5 Medium2025-03-04
CVE-2025-1897 Tenda TX3 SetNetControlList buffer overflow — TX3CWE-120 6.5 Medium2025-03-04
CVE-2025-1896 Tenda TX3 SetStaticRouteCfg buffer overflow — TX3CWE-120 6.5 Medium2025-03-04
CVE-2025-1895 Tenda TX3 setMacFilterCfg buffer overflow — TX3CWE-120 6.5 Medium2025-03-04
CVE-2025-1853 Tenda AC8 Parameter SetIpMacBind sub_49E098 stack-based overflow — AC8CWE-121 8.8 High2025-03-03
CVE-2025-1851 Tenda AC7 SetFirewallCfg formSetFirewallCfg stack-based overflow — AC7CWE-121 8.8 High2025-03-03
CVE-2025-1819 Tenda AC7 1200M telnet TendaTelnet os command injection — AC7 1200MCWE-78 6.3 Medium2025-03-02
CVE-2025-1814 Tenda AC6 WifiExtraSet stack-based overflow — AC6CWE-121 8.8 High2025-03-02
CVE-2025-0848 Tenda A18 HTTP POST Request SetCmdlineRun stack-based overflow — A18CWE-121 6.5 Medium2025-01-30
CVE-2025-0566 Tenda AC15 SetDevNetName formSetDevNetName stack-based overflow — AC15CWE-121 8.8 High2025-01-19
CVE-2025-0528 Tenda AC8/AC10/AC18 HTTP Request telnet command injection — AC8CWE-77 7.2 High2025-01-17
CVE-2025-0349 Tenda AC6 GetParentControlInfo stack-based overflow — AC6CWE-121 8.8 High2025-01-09
CVE-2024-12002 Tenda FH451/FH1201/FH1202/FH1206 GetIPTV websReadEvent null pointer dereference — FH451CWE-476 4.3 Medium2024-11-30
CVE-2024-11745 Tenda AC8 SetStaticRouteCfg route_static_check stack-based overflow — AC8CWE-121 8.8 High2024-11-26
CVE-2024-11650 Tenda i9 GetIPTV websReadEvent null pointer dereference — i9CWE-476 6.5 Medium2024-11-25
CVE-2024-11248 Tenda AC10 SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow — AC10CWE-121 8.8 High2024-11-15
CVE-2024-11061 Tenda AC10 fast_setting_wifi_set FUN_0044db3c stack-based overflow — AC10CWE-121 8.8 High2024-11-11
CVE-2024-11056 Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow — AC10CWE-121 8.8 High2024-11-10
CVE-2024-10750 Tenda i22 SysToo websReadEvent null pointer dereference — i22CWE-476 6.5 Medium2024-11-04

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.