Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2026-1610 Tenda AX12 Pro V2 Telnet Service hard-coded credentials — AX12 Pro V2CWE-798 8.1 High2026-01-29
CVE-2026-1420 Tenda AC23 WifiExtraSet buffer overflow — AC23CWE-120 8.8 High2026-01-26
CVE-2026-1329 Tenda AX1803 WifiGuestSet fromGetWifiGuestBasic stack-based overflow — AX1803CWE-121 8.8 High2026-01-22
CVE-2026-22082 Insecure Session ID Management Vulnerability in Tenda Wireless Routers — 300Mbps Wireless Router F3 and N300 Easy Setup RouterCWE-384 7.4 -2026-01-09
CVE-2026-22081 Cookie without HTTPOnly Flag Vulnerability in Tenda Wireless Routers — 300Mbps Wireless Router F3 and N300 Easy Setup RouterCWE-1004 7.5 -2026-01-09
CVE-2026-22080 Insecure Transmission Vulnerability in Tenda Wireless Routers — 300Mbps Wireless Router F3 and N300 Easy Setup RouterCWE-319 7.5 -2026-01-09
CVE-2026-22079 Cleartext Transmission Vulnerability in Tenda Wireless Routers — 300Mbps Wireless Router F3 and N300 Easy Setup RouterCWE-319 8.1 -2026-01-09
CVE-2026-0640 Tenda AC23 PowerSaveSet sscanf buffer overflow — AC23CWE-120 8.8 High2026-01-06
CVE-2026-0581 Tenda AC1206 httpd BehaviorManager formBehaviorManager command injection — AC1206CWE-77 6.3 Medium2026-01-05
CVE-2025-15371 Tenda i24 Shadow File hard-coded credentials — i24CWE-798 7.8 High2025-12-31
CVE-2025-15356 Tenda AC20 PowerSaveSet sscanf buffer overflow — AC20CWE-120 8.8 High2025-12-30
CVE-2025-15255 Tenda W6-S R7websSsecurityHandler httpd stack-based overflow — W6-SCWE-121 9.8 Critical2025-12-30
CVE-2025-15254 Tenda W6-S ATE Service ate TendaAte os command injection — W6-SCWE-78 6.3 Medium2025-12-30
CVE-2025-15253 Tenda M3 exeCommand stack-based overflow — M3CWE-121 8.8 High2025-12-30
CVE-2025-15252 Tenda M3 setDhcpAP formSetRemoteDhcpForAp stack-based overflow — M3CWE-121 8.8 High2025-12-30
CVE-2025-15234 Tenda M3 setInternetLanInfo formSetRemoteInternetLanInfo heap-based overflow — M3CWE-122 8.8 High2025-12-30
CVE-2025-15233 Tenda M3 setAdInfoDetail formSetAdInfoDetails heap-based overflow — M3CWE-122 8.8 High2025-12-30
CVE-2025-15232 Tenda M3 setAdPushInfo formSetAdPushInfo stack-based overflow — M3CWE-121 8.8 High2025-12-30
CVE-2025-15231 Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based overflow — M3CWE-121 8.8 High2025-12-30
CVE-2025-15230 Tenda M3 setVlanPolicyData formSetVlanPolicy heap-based overflow — M3CWE-122 8.8 High2025-12-30
CVE-2025-15229 Tenda CH22 DhcpListClient fromDhcpListClient denial of service — CH22CWE-404 5.3 Medium2025-12-30
CVE-2025-15218 Tenda AC10U POST Request Parameter AdvSetLanip fromadvsetlanip buffer overflow — AC10UCWE-120 8.8 High2025-12-30
CVE-2025-15217 Tenda AC23 HTTP POST Request formSetPPTPUserList buffer overflow — AC23CWE-120 8.8 High2025-12-30
CVE-2025-15216 Tenda AC23 SetIpMacBind fromSetIpMacBind stack-based overflow — AC23CWE-121 8.8 High2025-12-30
CVE-2025-15215 Tenda AC10U HTTP POST Request setPptpUserList formSetPPTPUserList buffer overflow — AC10UCWE-120 8.8 High2025-12-30
CVE-2025-15180 Tenda WH450 HTTP Request webExcptypemanFilte stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15179 Tenda WH450 qossetting stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15178 Tenda WH450 HTTP Request VirtualSer stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15177 Tenda WH450 HTTP Request SetIpBind stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15164 Tenda WH450 SafeMacFilter stack-based overflow — WH450CWE-121 7.2 High2025-12-29

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.