Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2026-5155 Tenda CH22 Parameter AdvSetWan fromAdvSetWan stack-based overflow — CH22CWE-121 8.8 High2026-03-30
CVE-2026-5154 Tenda CH22 Parameter setcfm fromSetCfm stack-based overflow — CH22CWE-121 8.8 High2026-03-30
CVE-2026-5153 Tenda CH22 WriteFacMac FormWriteFacMac command injection — CH22CWE-77 6.3 Medium2026-03-30
CVE-2026-5152 Tenda CH22 createFileName formCreateFileName stack-based overflow — CH22CWE-121 8.8 High2026-03-30
CVE-2026-5046 Tenda FH1201 Parameter WrlExtraSet formWrlExtraSet stack-based overflow — FH1201CWE-121 8.8 High2026-03-29
CVE-2026-5045 Tenda FH1201 Parameter WrlclientSet stack-based overflow — FH1201CWE-121 8.8 High2026-03-29
CVE-2026-5036 Tenda 4G06 Endpoint DhcpListClient fromDhcpListClient stack-based overflow — 4G06CWE-121 8.8 High2026-03-29
CVE-2026-5021 Tenda F453 httpd PPTPUserSetting fromPPTPUserSetting stack-based overflow — F453CWE-121 8.8 High2026-03-29
CVE-2026-4975 Tenda AC15 POST Request setcfm formSetCfm memory corruption — AC15CWE-121 8.8 High2026-03-27
CVE-2026-4974 Tenda AC7 POST Request SetSysTimeCfg fromSetSysTime memory corruption — AC7CWE-121 8.8 High2026-03-27
CVE-2026-4961 Tenda AC6 POST Request QuickIndex formQuickIndex stack-based overflow — AC6CWE-121 8.8 High2026-03-27
CVE-2026-4960 Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow — AC6CWE-121 8.8 High2026-03-27
CVE-2026-4906 Tenda AC5 POST Request WizardHandle decodePwd stack-based overflow — AC5CWE-121 8.8 High2026-03-27
CVE-2026-4905 Tenda AC5 POST Request WifiWpsOOB formWifiWpsOOB stack-based overflow — AC5CWE-121 8.8 High2026-03-26
CVE-2026-4904 Tenda AC5 POST Request setcfm formSetCfm stack-based overflow — AC5CWE-121 8.8 High2026-03-26
CVE-2026-4903 Tenda AC5 POST Request QuickIndex formQuickIndex memory corruption — AC5CWE-121 8.8 High2026-03-26
CVE-2026-4902 Tenda AC5 POST Request addressNat fromAddressNat memory corruption — AC5CWE-121 8.8 High2026-03-26
CVE-2026-4567 Tenda A15 UploadCfg stack-based overflow — A15CWE-121 9.8 Critical2026-03-23
CVE-2026-4565 Tenda AC21 SetNetControlList formSetQosBand buffer overflow — AC21CWE-120 8.8 High2026-03-23
CVE-2026-4554 Tenda F453 WriteFacMac FormWriteFacMac privilege escalation — F453CWE-77 6.3 Medium2026-03-22
CVE-2026-4553 Tenda F453 Parameters Natlimit fromNatlimit stack-based overflow — F453CWE-121 8.8 High2026-03-22
CVE-2026-4552 Tenda F453 Parameters VirtualSer fromVirtualSer memory corruption — F453CWE-121 8.8 High2026-03-22
CVE-2026-4551 Tenda F453 Parameters SafeClientFilter fromSafeClientFilter memory corruption — F453CWE-121 8.8 High2026-03-22
CVE-2026-4535 Tenda FH451 WrlclientSet stack-based overflow — FH451CWE-121 8.8 High2026-03-22
CVE-2026-4534 Tenda FH451 WrlExtraSet formWrlExtraSet stack-based overflow — FH451CWE-121 8.8 High2026-03-22
CVE-2026-4493 Tenda A18 Pro MAC Filtering Configuration Endpoint setMacFilterCfg sub_423B50 stack-based overflow — A18 ProCWE-121 8.8 High2026-03-20
CVE-2026-4492 Tenda A18 Pro formSetQosBand set_qosMib_list stack-based overflow — A18 ProCWE-121 8.8 High2026-03-20
CVE-2026-4491 Tenda A18 Pro SetIpMacBind fromSetIpMacBind stack-based overflow — A18 ProCWE-121 8.8 High2026-03-20
CVE-2026-4490 Tenda A18 Pro openSchedWifi setSchedWifi stack-based overflow — A18 ProCWE-121 8.8 High2026-03-20
CVE-2026-4489 Tenda A18 Pro fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow — A18 ProCWE-121 8.8 High2026-03-20

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.