Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2026-2906 Tenda HG9 Samba Configuration Endpoint formSamba stack-based overflow — HG9CWE-121 8.8 High2026-02-22
CVE-2026-2905 Tenda HG9 Wireless Configuration Endpoint formWlanSetup stack-based overflow — HG9CWE-121 8.8 High2026-02-22
CVE-2026-2886 Tenda A21 SetOnlineDevName set_device_name stack-based overflow — A21CWE-121 8.8 High2026-02-21
CVE-2026-2877 Tenda A18 Httpd Service WifiExtraSet strcpy stack-based overflow — A18CWE-121 8.8 High2026-02-21
CVE-2026-2876 Tenda A18 setBlackRule parse_macfilter_rule stack-based overflow — A18CWE-121 8.8 High2026-02-21
CVE-2026-2874 Tenda A21 fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow — A21CWE-121 8.8 High2026-02-21
CVE-2026-2873 Tenda A21 openSchedWifi setSchedWifi stack-based overflow — A21CWE-121 8.8 High2026-02-21
CVE-2026-2872 Tenda A21 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow — A21CWE-121 8.8 High2026-02-21
CVE-2026-2871 Tenda A21 SetIpMacBind fromSetIpMacBind stack-based overflow — A21CWE-121 8.8 High2026-02-21
CVE-2026-2870 Tenda A21 formSetQosBand set_qosMib_list stack-based overflow — A21CWE-121 8.8 High2026-02-21
CVE-2026-2203 Tenda AC8 Embedded Httpd Service fast_setting_wifi_set buffer overflow — AC8CWE-120 8.8 High2026-02-09
CVE-2026-2202 Tenda AC8 httpd WifiGuestSet fromSetWifiGusetBasic buffer overflow — AC8CWE-120 8.8 High2026-02-09
CVE-2026-2192 Tenda AC9 formGetRebootTimer stack-based overflow — AC9CWE-121 7.2 High2026-02-08
CVE-2026-2191 Tenda AC9 formGetDdosDefenceList stack-based overflow — AC9CWE-121 7.2 High2026-02-08
CVE-2026-2187 Tenda RX3 formSetQosBand set_qosMib_list stack-based overflow — RX3CWE-121 8.8 High2026-02-08
CVE-2026-2186 Tenda RX3 SetIpMacBind fromSetIpMacBind stack-based overflow — RX3CWE-121 8.8 High2026-02-08
CVE-2026-2185 Tenda RX3 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based overflow — RX3CWE-121 8.8 High2026-02-08
CVE-2026-2181 Tenda RX3 openSchedWifi stack-based overflow — RX3CWE-121 8.8 High2026-02-08
CVE-2026-2180 Tenda RX3 fast_setting_wifi_set stack-based overflow — RX3CWE-121 8.8 High2026-02-08
CVE-2026-2148 Tenda AC21 Web Management DownloadFlash information disclosure — AC21CWE-200 5.3 Medium2026-02-08
CVE-2026-2147 Tenda AC21 Web Management DownloadLog information disclosure — AC21CWE-200 5.3 Medium2026-02-08
CVE-2026-2140 Tenda TX9 setMacFilterCfg sub_4223E0 buffer overflow — TX9CWE-120 8.8 High2026-02-08
CVE-2026-2139 Tenda TX9 fast_setting_wifi_set sub_432580 buffer overflow — TX9CWE-120 8.8 High2026-02-08
CVE-2026-2138 Tenda TX9 SetStaticRouteCfg sub_42D03C buffer overflow — TX9CWE-120 8.8 High2026-02-08
CVE-2026-2137 Tenda TX3 SetIpMacBind buffer overflow — TX3CWE-120 8.8 High2026-02-08
CVE-2026-1690 Tenda HG10 formSysCmd system command injection — HG10CWE-77 4.7 Medium2026-01-30
CVE-2026-1689 Tenda HG10 Login formLogin checkUserFromLanOrWan command injection — HG10CWE-77 7.3 High2026-01-30
CVE-2026-1687 Tenda HG10 Boa Webserver formSamba command injection — HG10CWE-77 7.3 High2026-01-30
CVE-2026-1638 Tenda AC21 mDMZSetCfg command injection — AC21CWE-77 6.3 Medium2026-01-29
CVE-2026-1637 Tenda AC21 AdvSetMacMtuWan fromAdvSetMacMtuWan stack-based overflow — AC21CWE-121 8.8 High2026-01-29

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.