Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2026-6016 Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow — AC9CWE-121 8.8 High2026-04-10
CVE-2026-6015 Tenda AC9 POST Request QuickIndex formQuickIndex stack-based overflow — AC9CWE-121 8.8 High2026-04-10
CVE-2026-5992 Tenda F451 P2pListFilter fromP2pListFilter stack-based overflow — F451CWE-121 8.8 High2026-04-10
CVE-2026-5991 Tenda F451 WrlExtraSet formWrlExtraSet stack-based overflow — F451CWE-121 8.8 High2026-04-09
CVE-2026-5990 Tenda F451 SafeEmailFilter fromSafeEmailFilter stack-based overflow — F451CWE-121 8.8 High2026-04-09
CVE-2026-5989 Tenda F451 RouteStatic fromRouteStatic stack-based overflow — F451CWE-121 8.8 High2026-04-09
CVE-2026-5988 Tenda F451 AdvSetWrlsafeset formWrlsafeset stack-based overflow — F451CWE-121 8.8 High2026-04-09
CVE-2026-5962 Tenda CH22 httpd R7WebsSecurityHandlerfunction path traversal — CH22CWE-22 7.3 High2026-04-09
CVE-2026-5849 Tenda i12 HTTP path traversal — i12CWE-22 7.3 High2026-04-09
CVE-2026-5841 Tenda i3 HTTP R7WebsSecurityHandler path traversal — i3CWE-22 7.3 High2026-04-09
CVE-2026-5830 Tenda AC15 SysToolChangePwd websGetVar stack-based overflow — AC15CWE-121 8.8 High2026-04-09
CVE-2026-5687 Tenda CX12L NatStaticSetting fromNatStaticSetting stack-based overflow — CX12LCWE-121 8.8 High2026-04-06
CVE-2026-5686 Tenda CX12L RouteStatic fromRouteStatic stack-based overflow — CX12LCWE-121 8.8 High2026-04-06
CVE-2026-5685 Tenda CX12L addressNat fromAddressNat stack-based overflow — CX12LCWE-121 8.8 High2026-04-06
CVE-2026-5684 Tenda CX12L webExcptypemanFilter fromwebExcptypemanFilter stack-based overflow — CX12LCWE-121 8.0 High2026-04-06
CVE-2026-5683 Tenda CX12L P2pListFilter fromP2pListFilter stack-based overflow — CX12LCWE-121 5.5 Medium2026-04-06
CVE-2026-5609 Tenda i12 Parameter wifiSSIDset formwrlSSIDset stack-based overflow — i12CWE-121 8.8 High2026-04-06
CVE-2026-5605 Tenda CH22 WrlExtraSet formWrlExtraSet stack-based overflow — CH22CWE-121 8.8 High2026-04-05
CVE-2026-5604 Tenda CH22 Parameter CertLocalPrecreate formCertLocalPrecreate stack-based overflow — CH22CWE-121 8.8 High2026-04-05
CVE-2026-5567 Tenda M3 Destination setAdvPolicyData buffer overflow — M3CWE-120 8.8 High2026-04-05
CVE-2026-5550 Tenda AC10 httpd fromSysToolChangePwd stack-based overflow — AC10CWE-121 8.8 High2026-04-05
CVE-2026-5549 Tenda AC10 RSA 2048-bit Private Key privkeySrv.pem hard-coded key — AC10CWE-321 5.3 Medium2026-04-05
CVE-2026-5548 Tenda AC10 httpd fromSysToolChangePwd stack-based overflow — AC10CWE-121 8.8 High2026-04-05
CVE-2026-5547 Tenda AC10 httpd formAddMacfilterRule os command injection — AC10CWE-78 6.3 Medium2026-04-05
CVE-2026-5527 Tenda 4G03 Pro ECDSA P-256 Private Key server.key hard-coded key — 4G03 ProCWE-321 5.3 Medium2026-04-04
CVE-2026-5526 Tenda 4G03 Pro httpd access control — 4G03 ProCWE-284 7.3 High2026-04-04
CVE-2026-5339 Tenda G103 Setting gpon.lua action_set_net_settings command injection — G103CWE-77 4.7 Medium2026-04-02
CVE-2026-5338 Tenda G103 Setting system.lua action_set_system_settings command injection — G103CWE-77 4.7 Medium2026-04-02
CVE-2026-5204 Tenda CH22 Parameter webtypelibrary formWebTypeLibrary stack-based overflow — CH22CWE-121 8.8 High2026-03-31
CVE-2026-5156 Tenda CH22 Parameter QuickIndex formQuickIndex stack-based overflow — CH22CWE-121 8.8 High2026-03-30

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.