Filtered by vendor Tenda
Subscriptions
Total
1850 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3378 | 1 Tenda | 2 F453, F453 Firmware | 2026-04-17 | 8.8 High |
| A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2026-3400 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-04-17 | 8.8 High |
| A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-24109 | 1 Tenda | 2 W20e, W20e Firmware | 2026-04-17 | 9.8 Critical |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `picName`. When this value is used in `sprintf` without validating variable sizes, it could lead to a buffer overflow vulnerability. | ||||
| CVE-2026-24105 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-04-17 | 9.8 Critical |
| An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18_multi. The value of `v1` was not checked, potentially leading to a command injection vulnerability if injected into doSystemCmd. | ||||
| CVE-2026-24108 | 1 Tenda | 2 W20e, W20e Firmware | 2026-04-17 | 9.8 Critical |
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and concatenated using `sprintf` without proper size validation, it could lead to a buffer overflow vulnerability. | ||||
| CVE-2026-3726 | 1 Tenda | 2 F453, F453 Firmware | 2026-04-17 | 8.8 High |
| A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-3801 | 1 Tenda | 2 I3, I3 Firmware | 2026-04-17 | 8.8 High |
| A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-3808 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2026-04-17 | 8.8 High |
| A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2026-24440 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 8.8 High |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) allow account passwords to be changed through the maintenance interface without requiring verification of the existing password. This enables unauthorized password changes when access to the affected endpoint is obtained. | ||||
| CVE-2026-24429 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 9.8 Critical |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface. | ||||
| CVE-2026-24430 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 7.5 High |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over unencrypted HTTP by default, credentials may be exposed to network-based interception. | ||||
| CVE-2026-24428 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 8.8 High |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain an authorization flaw in the user management API that allows a low-privileged authenticated user to change the administrator account password. By sending a crafted request directly to the backend endpoint, an attacker can bypass role-based restrictions enforced by the web interface and obtain full administrative privileges. | ||||
| CVE-2026-24437 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 5.5 Medium |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) serve sensitive administrative content without appropriate cache-control directives. As a result, browsers may store credential-bearing responses locally, exposing them to subsequent unauthorized access. | ||||
| CVE-2026-24431 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 6.5 Medium |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) display stored user account passwords in plaintext within the administrative web interface. Any user with access to the affected management pages can directly view credentials. | ||||
| CVE-2026-24433 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 5.4 Medium |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) contain a stored cross-site scripting vulnerability in the user creation functionality. Insufficient input validation allows attacker-controlled script content to be stored and later executed when administrative users access the affected management pages. | ||||
| CVE-2026-24432 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 4.3 Medium |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) lack cross-site request forgery (CSRF) protections on administrative endpoints, including those used to change administrator account credentials. As a result, an attacker can craft malicious requests that, when triggered by an authenticated user’s browser, modify administrative passwords and other configuration settings. | ||||
| CVE-2026-24439 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 6.5 Medium |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) fail to include the X-Content-Type-Options: nosniff response header on web management interfaces. As a result, browsers that perform MIME sniffing may incorrectly interpret attacker-influenced responses as executable script. | ||||
| CVE-2026-24435 | 1 Tenda | 2 W30e, W30e Firmware | 2026-04-16 | 6.5 Medium |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) implement an insecure Cross-Origin Resource Sharing (CORS) policy on authenticated administrative endpoints. The device sets Access-Control-Allow-Origin: * in combination with Access-Control-Allow-Credentials: true, allowing attacker-controlled origins to issue credentialed cross-origin requests. | ||||
| CVE-2026-24426 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2026-04-16 | 6.1 Medium |
| Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior contain an improper output encoding vulnerability in the web management interface. User-supplied input is reflected in HTTP responses without adequate escaping, allowing injection of arbitrary HTML or JavaScript in a victim’s browser context. | ||||
| CVE-2026-27511 | 1 Tenda | 2 F3, F3 Firmware | 2026-04-16 | 4.3 Medium |
| Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative interface. The interface does not set the X-Frame-Options header, allowing attacker-controlled sites to embed administrative pages in an iframe and trick an authenticated administrator into unintended interactions that may result in unauthorized configuration changes. | ||||