Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2025-15163 Tenda WH450 SafeEmailFilter stack-based overflow — WH450CWE-121 7.2 High2025-12-29
CVE-2025-15162 Tenda WH450 RouteStatic stack-based overflow — WH450CWE-121 7.2 High2025-12-28
CVE-2025-15161 Tenda WH450 PPTPUserSetting stack-based overflow — WH450CWE-121 7.2 High2025-12-28
CVE-2025-15160 Tenda WH450 PPTPServer stack-based overflow — WH450CWE-121 7.2 High2025-12-28
CVE-2025-15076 Tenda CH22 public path traversal — CH22CWE-22 7.3 High2025-12-25
CVE-2025-15048 Tenda WH450 HTTP Request CheckTools command injection — WH450CWE-77 7.3 High2025-12-23
CVE-2025-15047 Tenda WH450 HTTP Request PPTPDClient stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15046 Tenda WH450 HTTP Request PPTPClient stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15045 Tenda WH450 HTTP Request Natlimit stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15044 Tenda WH450 NatStaticSetting stack-based overflow — WH450CWE-121 9.8 Critical2025-12-23
CVE-2025-15010 Tenda WH450 SafeUrlFilter stack-based overflow — WH450CWE-121 9.8 Critical2025-12-22
CVE-2025-15008 Tenda WH450 HTTP Request L7Port stack-based overflow — WH450CWE-121 7.3 High2025-12-22
CVE-2025-15007 Tenda WH450 HTTP Request L7Im stack-based overflow — WH450CWE-121 9.8 Critical2025-12-22
CVE-2025-15006 Tenda WH450 HTTP Request CheckTools stack-based overflow — WH450CWE-121 9.8 Critical2025-12-22
CVE-2025-14995 Tenda FH1201 SetIpBind sprintf stack-based overflow — FH1201CWE-121 8.8 High2025-12-21
CVE-2025-14994 Tenda FH1201/FH1206 HTTP Request webtypelibrary strcat stack-based overflow — FH1201CWE-121 8.8 High2025-12-21
CVE-2025-14993 Tenda AC18 HTTP Request SetDlnaCfg sprintf stack-based overflow — AC18CWE-121 8.8 High2025-12-21
CVE-2025-14992 Tenda AC18 HTTP Request GetParentControlInfo strcpy stack-based overflow — AC18CWE-121 8.8 High2025-12-21
CVE-2025-14879 Tenda WH450 HTTP Request onSSIDChange stack-based overflow — WH450CWE-121 9.8 Critical2025-12-18
CVE-2025-14878 Tenda WH450 HTTP Request wirelessRestart stack-based overflow — WH450CWE-121 9.8 Critical2025-12-18
CVE-2025-14665 Tenda WH450 HTTP Request DhcpListClient stack-based overflow — WH450CWE-121 9.8 Critical2025-12-14
CVE-2025-14656 Tenda AC20 openSchedWifi httpd buffer overflow — AC20CWE-120 8.8 High2025-12-14
CVE-2025-14655 Tenda AC20 httpd SetSysAutoRebbotCfg formSetRebootTimer stack-based overflow — AC20CWE-121 8.8 High2025-12-14
CVE-2025-14654 Tenda AC20 httpd setPptpUserList formSetPPTPUserList stack-based overflow — AC20CWE-121 8.8 High2025-12-14
CVE-2025-14636 Tenda AX9 httpd image_check weak hash — AX9CWE-328 3.7 Low2025-12-13
CVE-2025-14526 Tenda CH22 L7Im frmL7ImForm buffer overflow — CH22CWE-120 8.8 High2025-12-11
CVE-2025-14286 Tenda AC9 Configuration File DownloadCfg.jpg information disclosure — AC9CWE-200 5.3 Medium2025-12-09
CVE-2025-13446 Tenda AC21 SetSysTimeCfg stack-based overflow — AC21CWE-121 8.8 High2025-11-20
CVE-2025-13445 Tenda AC21 SetIpMacBind stack-based overflow — AC21CWE-121 8.8 High2025-11-20
CVE-2025-13400 Tenda CH22 WrlExtraGet formWrlExtraGet buffer overflow — CH22CWE-120 8.8 High2025-11-19

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.