Filtered by vendor Tenda
Subscriptions
Total
1991 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-13517 | 1 Tenda | 1 Jd12l | 2026-06-29 | 8.8 High |
| A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security_5g can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2026-13519 | 1 Tenda | 1 Jd12l | 2026-06-29 | 8.8 High |
| A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-13518 | 1 Tenda | 1 Jd12l | 2026-06-29 | 8.8 High |
| A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-38060 | 1 Tenda | 1 5g03 | 2026-06-26 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_unlock_sim via the pin parameter. | ||||
| CVE-2026-38063 | 1 Tenda | 1 5g03 | 2026-06-26 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_radio_on_with_ia_apn via the ia parameter. | ||||
| CVE-2026-38064 | 1 Tenda | 1 5g03 | 2026-06-26 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_dial_call via the dialNumber parameter. | ||||
| CVE-2026-38065 | 1 Tenda | 1 5g03 | 2026-06-26 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_ims_on_with_apn via the ims_apn parameter. | ||||
| CVE-2026-51844 | 1 Tenda | 1 Ac7 | 2026-06-24 | 9.8 Critical |
| Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter. | ||||
| CVE-2026-51845 | 1 Tenda | 1 Ac7 | 2026-06-22 | 9.8 Critical |
| Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter. | ||||
| CVE-2026-51846 | 1 Tenda | 1 Ac7 | 2026-06-22 | 9.8 Critical |
| In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution. | ||||
| CVE-2026-51843 | 1 Tenda | 1 Ac7 | 2026-06-22 | 9.8 Critical |
| Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter. | ||||
| CVE-2026-38061 | 1 Tenda | 1 5g03 | 2026-06-19 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_volume via the volume parameter. | ||||
| CVE-2026-38062 | 1 Tenda | 1 5g03 | 2026-06-19 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_rat_mode via the ratMode parameter. | ||||
| CVE-2026-38834 | 1 Tenda | 2 W30e, W30e Firmware | 2026-06-17 | 7.3 High |
| Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the do_ping_action function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2026-38835 | 1 Tenda | 2 W30e, W30e Firmware | 2026-06-17 | 9.8 Critical |
| Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the formSetUSBPartitionUmount function via the usbPartitionName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2026-36784 | 1 Tenda | 1 O3 Wireless Router | 2026-06-11 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a HTTP request. | ||||
| CVE-2026-36783 | 1 Tenda | 1 O3 Wireless Router | 2026-06-11 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the domain parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36797 | 1 Tenda | 1 G0 | 2026-06-11 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the IPMacBindRuleIp parameter of the formIPMacBindModify function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36808 | 1 Tenda | 1 W15e | 2026-06-11 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36796 | 1 Tenda | 1 G0 | 2026-06-10 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||