Tenda CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (1708 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-40893	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.
CVE-2023-48194	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	6.3 Medium
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
CVE-2023-40900	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.
CVE-2023-40895	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.
CVE-2023-40898	1 Tenda	3 Ac8, Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg.
CVE-2023-40897	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo.
CVE-2023-40892	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi.
CVE-2023-40891	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg.
CVE-2023-40894	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg.
CVE-2023-39784	1 Tenda	3 Ac8 Firmware, Ac8v4, Ac8v4 Firmware	2025-12-08	7.5 High
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function.
CVE-2023-40896	1 Tenda	2 Ac8 Firmware, Ac8v4	2025-12-08	9.8 Critical
Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind.
CVE-2023-39786	1 Tenda	3 Ac8 Firmware, Ac8v4, Ac8v4 Firmware	2025-12-08	7.5 High
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function.
CVE-2023-39785	1 Tenda	3 Ac8 Firmware, Ac8v4, Ac8v4 Firmware	2025-12-08	7.5 High
Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function.
CVE-2025-61498	1 Tenda	2 Ac8, Ac8 Firmware	2025-12-08	7.5 High
A buffer overflow in the UPnP service of Tenda AC8 Hardware v03.03.10.01 allows attackers to cause a Denial of Service (DoS) via supplying a crafted packet.
CVE-2025-63834	1 Tenda	2 Ac18, Ac18 Firmware	2025-12-01	5.4 Medium
A stored cross-site scripting (XSS) vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the ssid parameter of the wireless settings. Remote attackers can inject malicious payloads that execute when any user visits the router's homepage.
CVE-2025-65220	1 Tenda	2 Ac21, Ac21 Firmware	2025-11-21	4.3 Medium
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow in: /goform/SetVirtualServerCfg via the list parameter.
CVE-2025-65221	1 Tenda	2 Ac21, Ac21 Firmware	2025-11-21	4.3 Medium
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the list parameter of /goform/setPptpUserList.
CVE-2025-65222	1 Tenda	2 Ac21, Ac21 Firmware	2025-11-21	4.3 Medium
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the rebootTime parameter of /goform/SetSysAutoRebbotCfg.
CVE-2025-65223	1 Tenda	2 Ac21, Ac21 Firmware	2025-11-21	4.3 Medium
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo.
CVE-2025-65226	1 Tenda	2 Ac21, Ac21 Firmware	2025-11-21	4.3 Medium
Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the deviceId parameter in /goform/saveParentControlInfo.

« first previous Page 11 of 86. next last »