Tenda Tenda

  1. Vendors
  2. Tenda

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Tenda product.

RSS Feeds for Tenda security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Tenda products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Tenda Sorted by Most Security Vulnerabilities since 2018

Tenda Ac1863 vulnerabilities

Tenda Ac18 Firmware62 vulnerabilities

Tenda Ac10 Firmware52 vulnerabilities

Tenda W30e Firmware48 vulnerabilities

Tenda Fh1202 Firmware47 vulnerabilities

Tenda Ac1544 vulnerabilities

Tenda Ac6 Firmware42 vulnerabilities

Tenda Ac15 Firmware39 vulnerabilities

Tenda Ac7 Firmware39 vulnerabilities

Tenda Ac8 Firmware39 vulnerabilities

Tenda Fh1206 Firmware37 vulnerabilities

Tenda Ax1803 Firmware36 vulnerabilities

Tenda Ch22 Firmware34 vulnerabilities

Tenda Ac9 Firmware29 vulnerabilities

Tenda W15e Firmware28 vulnerabilities

Tenda Ac728 vulnerabilities

Tenda F1203 Firmware28 vulnerabilities

Tenda Fh451 Firmware27 vulnerabilities

Tenda Ax1806 Firmware26 vulnerabilities

Tenda Fh1205 Firmware24 vulnerabilities

Tenda F453 Firmware24 vulnerabilities

Tenda Ac5 Firmware24 vulnerabilities

Tenda Fh1201 Firmware23 vulnerabilities

Tenda Fh1203 Firmware21 vulnerabilities

Tenda Wh450 Firmware21 vulnerabilities

Tenda O3 Firmware20 vulnerabilities

Tenda I21 Firmware19 vulnerabilities

Tenda A15 Firmware19 vulnerabilities

Tenda Ch2218 vulnerabilities

Tenda F451 Firmware18 vulnerabilities

Tenda Ac23 Firmware18 vulnerabilities

Tenda I22 Firmware16 vulnerabilities

Tenda Ac10u Firmware15 vulnerabilities

Tenda Ac500 Firmware15 vulnerabilities

Tenda Ax12 Firmware14 vulnerabilities

Tenda W20e Firmware14 vulnerabilities

Tenda W18e Firmware14 vulnerabilities

Tenda Rx3 Firmware13 vulnerabilities

Tenda Tx3 Firmware13 vulnerabilities

Tenda Ac20 Firmware12 vulnerabilities

Tenda Ac1206 Firmware12 vulnerabilities

Tenda Rx2 Pro Firmware11 vulnerabilities

Tenda Ac21 Firmware11 vulnerabilities

Tenda F1202 Firmware10 vulnerabilities

Tenda W6 S Firmware10 vulnerabilities

Tenda M3 Firmware9 vulnerabilities

Tenda I9 Firmware9 vulnerabilities

Tenda I12 Firmware9 vulnerabilities

Tenda W9 Firmware7 vulnerabilities

Tenda O36 vulnerabilities

Tenda Cp3 Firmware6 vulnerabilities

Tenda G3 Firmware6 vulnerabilities

Tenda Rx9 Pro Firmware5 vulnerabilities

Tenda Tx9 Pro Firmware5 vulnerabilities

Tenda A18 Firmware5 vulnerabilities

Tenda 4g300 Firmware5 vulnerabilities

Tenda G103 Firmware5 vulnerabilities

Tenda F3 Firmware4 vulnerabilities

Tenda O6 Firmware4 vulnerabilities

Tenda Ax3 Firmware4 vulnerabilities

Tenda Ac6v2 0 Firmware4 vulnerabilities

Tenda I3 Firmware3 vulnerabilities

Tenda W12 Firmware3 vulnerabilities

Tenda Tx9 Firmware3 vulnerabilities

Tenda Hg10 Firmware3 vulnerabilities

Tenda I29 Firmware2 vulnerabilities

Tenda N301 Firmware2 vulnerabilities

Tenda O1 Firmware2 vulnerabilities

Tenda W122 vulnerabilities

Tenda Cp3 Pro Firmware2 vulnerabilities

Tenda Ac81 vulnerability

Tenda Ax2 Pro Firmware1 vulnerability

Tenda Ap500v1 Firmware1 vulnerability

Tenda A301 Firmware1 vulnerability

Tenda Ax9 Firmware1 vulnerability

Tenda Ac61 vulnerability

Tenda Ac8v4 Firmware1 vulnerability

Tenda 11n Firmware1 vulnerability

Tenda O5 Firmware1 vulnerability

Tenda O4 Firmware1 vulnerability

Tenda Ac231 vulnerability

Tenda Ac211 vulnerability

Tenda N300 Wireless N Vdsl2 Modem Router1 vulnerability

Tenda N300 Firmware1 vulnerability

Tenda Ac12061 vulnerability

Tenda Ac11 Firmware1 vulnerability

Tenda I24 Firmware1 vulnerability

Tenda G1 Firmware1 vulnerability

Tenda Ac10v4 Firmware1 vulnerability

Tenda I12 Framework1 vulnerability

Known Exploited Tenda Vulnerabilities

The following Tenda vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Tenda AC11 Up to 02.03.01.104_CN Stack Buffer Overflow Tenda AC11 devices with firmware through 02.03.01.104_CN contain a stack buffer overflow vulnerability in /goform/setmac which allows for arbitrary execution.
CVE-2021-31755 Exploit Probability: 94.0% 		November 3, 2021
Tenda Router Code Execution The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10987 Exploit Probability: 93.9% 		November 3, 2021
Tenda Router Command Injection Vulnerability Issue on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input.
CVE-2018-14558 Exploit Probability: 77.3% 		November 3, 2021

Of the known exploited vulnerabilities above, 2 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings. The vulnerability CVE-2018-14558: Tenda Router Command Injection Vulnerability is in the top 5% of the currently known exploitable vulnerabilities.

By the Year

In 2026 there have been 197 vulnerabilities in Tenda with an average score of 8.4 out of ten. Last year, in 2025 Tenda had 372 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Tenda in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.16




Year Vulnerabilities Average Score
2026 197 8.38
2025 372 8.55
2024 405 8.96
2023 100 9.26
2022 187 8.38
2021 2 7.60
2020 2 8.65

It may take a day or so for new Tenda vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Tenda Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-6632 Apr 20, 2026
Tenda F451 1.0.0.7 httpd fromSafeClientFilter Buffer Overflow A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
F451 Firmware
CVE-2026-6631 Apr 20, 2026
Tenda F451 1.0.0.7 buffer overflow via httpd webExcptypemanFilter A vulnerability was determined in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
F451 Firmware
CVE-2026-6630 Apr 20, 2026
Tenda F451 1.0.0.7_cn_svn7958 httpd Buffer Overflow via fromGstDhcpSetSer A vulnerability was found in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.
F451 Firmware
CVE-2026-6200 Apr 13, 2026
Tenda F456 1.0.0.5 StackBufOvfl via formwebtypelibrary A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-6199 Apr 13, 2026
Tenda F456 1.0.0.5 Stack Blk Overflow via /goform/qossetting A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used.
CVE-2026-6198 Apr 13, 2026
Tenda F456 1.0.0.5 fromNatStaticSetting Stack-based BOV A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-6197 Apr 13, 2026
Stack Buffer Overflow via formWrlsafeset in Tenda F456 1.0.0.5 A flaw has been found in Tenda F456 1.0.0.5. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Executing a manipulation of the argument mit_ssid can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used.
CVE-2026-6196 Apr 13, 2026
Stack Buffer Overflow in Tenda F456 1.0.0.5 /goform/exeCommand A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument cmdinput results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVE-2026-6137 Apr 12, 2026
Tenda F451 1.0.0.7_cn_svn7958 Stack BOV via /goform/AdvSetWan PPPOEPassword A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.
F451 Firmware
CVE-2026-6136 Apr 12, 2026
Tenda F451 1.0.0.7_cn_svn7958 Stack Buffer Overflow in frmL7ImForm A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
F451 Firmware
CVE-2026-6135 Apr 12, 2026
Tenda F451 1.0.0.7 Stack-Based Buffer Overflow in SetIpBind function A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
F451 Firmware
CVE-2026-6134 Apr 12, 2026
Stack Buffer Overflow in Tenda F451 v1.0.0.7_cn_svn7958 /goform/qossetting A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the argument qos results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
F451 Firmware
CVE-2026-6133 Apr 12, 2026
Tenda F451 1.0.0.7 Stack-based Buffer Overflow in fromSafeUrlFilter A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
F451 Firmware
CVE-2026-6124 Apr 12, 2026
Stack Buffer Overflow in Tenda F451 1.0.0.7 HTTPD SafeMacFilter A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
F451 Firmware
CVE-2026-6123 Apr 12, 2026
Tenda F451 1.0.0.7 HTTPD Stack-based Buffer Overflow via fromAddressNat A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
F451 Firmware
CVE-2026-6122 Apr 12, 2026
Tenda F451 1.0.0.7: httpd frmL7ProtForm buffer overflow A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
F451 Firmware
CVE-2026-6121 Apr 12, 2026
Tenda F451 1.0.0.7 HTTPD - Stack-based Buffer Overflow in WrlclientSet A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.
F451 Firmware
CVE-2026-6120 Apr 12, 2026
Stack overflow in httpd of Tenda F451 1.0.0.7 via /goform/DhcpListClient A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.
F451 Firmware
CVE-2026-6024 Apr 10, 2026
Tenda i6 1.0.0.7 Path Traversal via HTTP Handler (R7WebsSecurityHandler) A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-6016 Apr 10, 2026
Tenda AC9 15.03.02.13: Stack Buffer Overflow in decodePwd via WANS A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.
Ac9 Firmware
CVE-2026-6015 Apr 10, 2026
Stack Buffer Overflow in Tenda AC9 15.03.02.13 POST Handler (formQuickIndex) A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Ac9 Firmware
CVE-2026-5992 Apr 10, 2026
Tenda F451 1.0.0.7 RCE via P2pListFilter Buffer Overflow A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
F451 Firmware
CVE-2026-5991 Apr 09, 2026
Tenda F451 1.0.0.7 - formWrlExtraSet GO buf overflow (remote) A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.
F451 Firmware
CVE-2026-5990 Apr 09, 2026
Stack Overflow via SafeEmailFilter in Tenda F451 1.0.0.7 A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
F451 Firmware
CVE-2026-5989 Apr 09, 2026
Tenda F451 1.0.0.7 RouteStatic stackoverflow via page param A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteStatic of the file /goform/RouteStatic. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
F451 Firmware
CVE-2026-5988 Apr 09, 2026
Stack Buffer Overflow in Tenda F451 1.0.0.7 formWrlsafeset A vulnerability was detected in Tenda F451 1.0.0.7. This impacts the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Performing a manipulation of the argument mit_ssid results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
F451 Firmware
CVE-2026-5962 Apr 09, 2026
Tenda CH22 1.0.0.6 Path Traversal in httpd (CVE-2026-5962) A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used.
Ch22 Firmware
CVE-2026-5849 Apr 09, 2026
Tenda i12 1.0.0.11 HTTP Handler Path Traversal Remote A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
I12 Firmware
CVE-2026-5841 Apr 09, 2026
Tenda i3 1.0.0.6 HTTP Handler Path Traversal via R7WebsSecurityHandler Remote A weakness has been identified in Tenda i3 1.0.0.6(2204). The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
I3 Firmware
CVE-2026-5830 Apr 09, 2026
Stack Buffer Overflow in Tenda AC15 15.03.05.18 websGetVar A vulnerability was identified in Tenda AC15 15.03.05.18. This affects the function websGetVar of the file /goform/SysToolChangePwd. Such manipulation of the argument oldPwd/newPwd/cfmPwd leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
Ac15 Firmware
CVE-2026-5687 Apr 06, 2026
Tenda CX12L 16.03.53.12: stack-based B.O.F. via /goform/NatStaticSetting A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-5686 Apr 06, 2026
Tenda CX12L 16.03.53.12 stack buffer overflow in /goform/RouteStatic A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
CVE-2026-5685 Apr 06, 2026
Tenda CX12L 16.03.53.12 stack BF via /goform/addressNat page A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used.
CVE-2026-5684 Apr 06, 2026
Tenda CX12L 16.03.53.12: Stack Buf Overflow via page arg in webExcptypemanFilter A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local network. The exploit has been publicly disclosed and may be utilized.
CVE-2026-5683 Apr 06, 2026
Tenda CX12L 16.03.53.12 Stack Buffer Overflow in /goform/P2pListFilter A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used.
CVE-2026-5609 Apr 06, 2026
Stack Buffer Overflow in Tenda i12 v1.0.0.11 Parameter Handler formwrlSSIDset A flaw has been found in Tenda i12 1.0.0.11(3862). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wl_radio causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used.
I12 Firmware
CVE-2026-5605 Apr 05, 2026
Tenda CH22 1.0.0.1: Stack-Based Buffer Overflow in formWrlExtraSet A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
Ch22 Firmware
CVE-2026-5604 Apr 05, 2026
Tenda CH22 1.0.0.1 Remote Stack Buffer Overflow in Parameter Handler A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
Ch22 Firmware
CVE-2026-5567 Apr 05, 2026
Tenda M3 1.0.0.10 DestHandler Buffer Overflow CVE-2026-5567 A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation of the argument policyType can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used.
M3 Firmware
CVE-2026-5550 Apr 05, 2026
Tenda AC10 16.03.10.10 Multi: Stack-based BOF in httpd (remote) A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected.
Ac10 Firmware
CVE-2026-5549 Apr 05, 2026
Hard-coded RSA PrivateKey in Tenda AC10 v16.03.10.10_multi_TDE01 A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
Ac10 Firmware
CVE-2026-5548 Apr 05, 2026
Tenda AC10 16.03 stack buffer overflow in httpd fromSysToolChangePwd A vulnerability was found in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this vulnerability is the function fromSysToolChangePwd of the file /bin/httpd. Performing a manipulation of the argument sys.userpass results in stack-based buffer overflow. The attack can be initiated remotely.
Ac10 Firmware
CVE-2026-5547 Apr 05, 2026
Tenda AC10 16.03.10.10 Multi_TDE01: Remote Cmd Injection at formAddMacfilterRule A vulnerability has been found in Tenda AC10 16.03.10.10_multi_TDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possible to launch the attack remotely. Multiple endpoints might be affected.
Ac10 Firmware
CVE-2026-5527 Apr 04, 2026
Tenda 4G03 Pro < 04.03.01.53 Hard-Coded ECDSA P-256 Key (server.key) A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible to initiate the attack remotely.
CVE-2026-5526 Apr 04, 2026
Tenda 4G03 Pro /bin/httpd Improper Access Control (v1.0/1.1/04.03.01.53) A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks.
CVE-2026-5339 Apr 02, 2026
Command Injection in Tenda G103 v1.0.0.5 Setting Handler (gpon.lua) A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action_set_net_settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument authLoid/authLoidPassword/authPassword/authSerialNo/authType/oltType/usVlanId/usVlanPriority results in command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
G103 Firmware
CVE-2026-5338 Apr 02, 2026
Command Injection via lanIp in Setting Handler (Tenda G103 1.0.0.5) A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function action_set_system_settings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
G103 Firmware
CVE-2026-5204 Mar 31, 2026
Remote stack overflow in Tenda CH22 1.0.0.1 Parameter Handler A vulnerability was determined in Tenda CH22 1.0.0.1. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component Parameter Handler. This manipulation of the argument webSiteId causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Ch22 Firmware
CVE-2026-5156 Mar 30, 2026
Remote Stack Bf Overflow in Tenda CH22 1.0.0.1 Parameter Handler A vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the function formQuickIndex of the file /goform/QuickIndex of the component Parameter Handler. This manipulation of the argument mit_linktype causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Ch22 Firmware
CVE-2026-5155 Mar 30, 2026
Tenda CH22 1.0.0.1 Remote Stack Buffer Overflow /goform/AdvSetWan A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component Parameter Handler. The manipulation of the argument wanmode results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Ch22 Firmware
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.