Filtered by vendor Tenda
Subscribe
Total
1722 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-2203 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-02-10 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. | |||||
| CVE-2026-2187 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | |||||
| CVE-2026-2186 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-2185 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-10 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. | |||||
| CVE-2026-2180 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-10 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation of the argument ssid_5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-2181 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-10 | 9.0 HIGH | 8.8 HIGH |
| A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-1690 | 1 Tenda | 2 Hg10, Hg10 Firmware | 2026-02-10 | 5.8 MEDIUM | 4.7 MEDIUM |
| A flaw has been found in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection. The attack may be initiated remotely. The exploit has been published and may be used. | |||||
| CVE-2026-1689 | 1 Tenda | 2 Hg10, Hg10 Firmware | 2026-02-10 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was detected in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launched remotely. The exploit is now public and may be used. | |||||
| CVE-2026-24426 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2026-02-10 | N/A | 6.1 MEDIUM |
| Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior contain an improper output encoding vulnerability in the web management interface. User-supplied input is reflected in HTTP responses without adequate escaping, allowing injection of arbitrary HTML or JavaScript in a victim’s browser context. | |||||
| CVE-2026-24427 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2026-02-10 | N/A | 5.5 MEDIUM |
| Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior expose sensitive information in web management responses. Administrative credentials, including the router and/or admin panel password, are included in plaintext within configuration response bodies. In addition, responses lack appropriate Cache-Control directives, which may permit web browsers to cache pages containing these credentials and enable subsequent disclosure to an attacker with access to the client system or browser profile. | |||||
| CVE-2026-24434 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2026-02-10 | N/A | 6.5 MEDIUM |
| Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior does not implement CSRF protections for administrative functions in the web management interface. The interface does not enforce anti-CSRF tokens or robust origin validation, which can allow an attacker to induce a logged-in administrator to perform unintended state-changing requests and modify router settings. | |||||
| CVE-2026-24441 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2026-02-10 | N/A | 5.9 MEDIUM |
| Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material. | |||||
| CVE-2026-1329 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2026-02-03 | 9.0 HIGH | 8.8 HIGH |
| A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2026-24435 | 1 Tenda | 2 W30e, W30e Firmware | 2026-02-02 | N/A | 6.5 MEDIUM |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) implement an insecure Cross-Origin Resource Sharing (CORS) policy on authenticated administrative endpoints. The device sets Access-Control-Allow-Origin: * in combination with Access-Control-Allow-Credentials: true, allowing attacker-controlled origins to issue credentialed cross-origin requests. | |||||
| CVE-2021-47802 | 1 Tenda | 4 D151, D151 Firmware, D301 and 1 more | 2026-02-02 | N/A | 7.5 HIGH |
| Tenda D151 and D301 routers contain an unauthenticated configuration download vulnerability that allows remote attackers to retrieve router configuration files. Attackers can send a request to /goform/getimage endpoint to download configuration data including admin credentials without authentication. | |||||
| CVE-2026-24428 | 1 Tenda | 2 W30e, W30e Firmware | 2026-01-29 | N/A | 8.8 HIGH |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain an authorization flaw in the user management API that allows a low-privileged authenticated user to change the administrator account password. By sending a crafted request directly to the backend endpoint, an attacker can bypass role-based restrictions enforced by the web interface and obtain full administrative privileges. | |||||
| CVE-2026-24429 | 1 Tenda | 2 W30e, W30e Firmware | 2026-01-29 | N/A | 9.8 CRITICAL |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface. | |||||
| CVE-2026-24430 | 1 Tenda | 2 W30e, W30e Firmware | 2026-01-28 | N/A | 7.5 HIGH |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over unencrypted HTTP by default, credentials may be exposed to network-based interception. | |||||
| CVE-2026-24431 | 1 Tenda | 2 W30e, W30e Firmware | 2026-01-28 | N/A | 6.5 MEDIUM |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) display stored user account passwords in plaintext within the administrative web interface. Any user with access to the affected management pages can directly view credentials. | |||||
| CVE-2026-24432 | 1 Tenda | 2 W30e, W30e Firmware | 2026-01-28 | N/A | 4.3 MEDIUM |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) lack cross-site request forgery (CSRF) protections on administrative endpoints, including those used to change administrator account credentials. As a result, an attacker can craft malicious requests that, when triggered by an authenticated user’s browser, modify administrative passwords and other configuration settings. | |||||