Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2024-0540 Tenda W9 httpd formOfflineSet stack-based overflow — W9CWE-121 6.3 Medium2024-01-15
CVE-2024-0539 Tenda W9 httpd formQosManage_user stack-based overflow — W9CWE-121 8.8 High2024-01-15
CVE-2024-0538 Tenda W9 httpd formQosManage_auto stack-based overflow — W9CWE-121 8.8 High2024-01-15
CVE-2024-0537 Tenda W9 httpd setWrlBasicInfo stack-based overflow — W9CWE-121 8.8 High2024-01-15
CVE-2024-0536 Tenda W9 httpd setWrlAccessList stack-based overflow — W9CWE-121 8.8 High2024-01-15
CVE-2024-0535 Tenda PA6 httpd portmap cgiPortMapAdd stack-based overflow — PA6CWE-121 8.8 High2024-01-15
CVE-2024-0534 Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow — A15CWE-121 7.2 High2024-01-15
CVE-2024-0533 Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow — A15CWE-121 7.2 High2024-01-15
CVE-2024-0532 Tenda A15 Web-based Management Interface WifiExtraSet set_repeat5 stack-based overflow — A15CWE-121 7.2 High2024-01-15
CVE-2024-0531 Tenda A15 Web-based Management Interface setBlackRule stack-based overflow — A15CWE-121 7.2 High2024-01-15
CVE-2023-4498 Authentication Bypass in Tenda N300 Wireless N VDSL2 Modem Router — N300 Wireless N VDSL2 Modem Router 7.5 -2023-09-06
CVE-2023-4744 Tenda AC8 formSetDeviceName stack-based overflow — AC8CWE-121 9.8 Critical2023-09-03
CVE-2023-2923 Tenda AC6 fromDhcpListClient stack-based overflow — AC6CWE-121 6.3 Medium2023-05-27
CVE-2023-2649 Tenda AC23 Service Port 7329 ate command injection — AC23CWE-77 7.2 High2023-05-11
CVE-2023-0782 Tenda AC23 httpd formGetSysToolDDNS out-of-bounds write — AC23CWE-787 7.2 High2023-02-11

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.