Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tenda — Vulnerabilities & Security Advisories 735

Browse all 735 CVE security advisories affecting Tenda. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tenda operates primarily as a manufacturer of consumer networking hardware, including Wi-Fi routers and range extenders, targeting residential and small business markets. The company’s product line has been associated with a significant volume of security issues, currently totaling 730 recorded CVEs. Historically, these vulnerabilities frequently involve remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and weak authentication mechanisms in embedded web interfaces. Notable incidents include the discovery of hardcoded credentials and command injection points that allow unauthenticated attackers to gain full administrative control over devices. These systemic weaknesses highlight persistent challenges in the security development lifecycle for budget-oriented IoT equipment, resulting in widespread exposure to botnet recruitment and network compromise.

Found 18 results / 735Clear Filters
Top products by Tenda: CH22 AC15 FH1202 F453 AC7 F456 AC18 AC10U FH451 WH450 AC20 AC8 AC6 F451 AC10 i21 W15E AC23 W9 O3 FH1201 AC9 AC21 FH1205 M3 O3V2 AC5 AC1206 W12 A15
CVE IDTitleCVSSSeverityPublished
CVE-2026-8265 Tenda AC6 httpd getLogFile get_log_file os command injection — AC6CWE-78 4.7 Medium2026-05-11
CVE-2026-8264 Tenda AC6 httpd WifiApScan formWifiApScan os command injection — AC6CWE-78 6.3 Medium2026-05-11
CVE-2026-8263 Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os command injection — AC6CWE-78 4.7 Medium2026-05-11
CVE-2026-8259 Tenda AC6 httpd telnet os command injection — AC6CWE-78 4.7 Medium2026-05-11
CVE-2026-4961 Tenda AC6 POST Request QuickIndex formQuickIndex stack-based overflow — AC6CWE-121 8.8 High2026-03-27
CVE-2026-4960 Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow — AC6CWE-121 8.8 High2026-03-27
CVE-2025-12225 Tenda AC6 HTTP Request WifiGuestSet stack-based overflow — AC6CWE-121 8.8 High2025-10-27
CVE-2025-7914 Tenda AC6 httpd setparentcontrolinfo buffer overflow — AC6CWE-120 8.8 High2025-07-21
CVE-2025-5855 Tenda AC6 SetRebootTimer formSetRebootTimer stack-based overflow — AC6CWE-121 8.8 High2025-06-09
CVE-2025-5854 Tenda AC6 AdvSetLanip fromadvsetlanip buffer overflow — AC6CWE-120 8.8 High2025-06-09
CVE-2025-5853 Tenda AC6 SetRemoteWebCfg formSetSafeWanWebMan stack-based overflow — AC6CWE-121 8.8 High2025-06-09
CVE-2025-5852 Tenda AC6 setPptpUserList formSetPPTPUserList buffer overflow — AC6CWE-120 8.8 High2025-06-09
CVE-2025-1814 Tenda AC6 WifiExtraSet stack-based overflow — AC6CWE-121 8.8 High2025-03-02
CVE-2025-0349 Tenda AC6 GetParentControlInfo stack-based overflow — AC6CWE-121 8.8 High2025-01-09
CVE-2024-10698 Tenda AC6 SetOnlineDevName formSetDeviceName stack-based overflow — AC6CWE-121 8.8 High2024-11-02
CVE-2024-10697 Tenda AC6 API Endpoint WriteFacMac formWriteFacMac command injection — AC6CWE-77 6.3 Medium2024-11-02
CVE-2024-10280 Tenda AC6/AC7/AC8/AC9/AC10/AC10U/AC15/AC18/AC500/AC1206 GetIPTV websReadEvent null pointer dereference — AC6CWE-476 6.5 Medium2024-10-23
CVE-2023-2923 Tenda AC6 fromDhcpListClient stack-based overflow — AC6CWE-121 6.3 Medium2023-05-27

This page lists every published CVE security advisory associated with Tenda. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.