Tenda 4g300 Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Tenda 4g300 Firmware.
By the Year
In 2026 there have been 2 vulnerabilities in Tenda 4g300 Firmware with an average score of 7.6 out of ten. 4g300 Firmware did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 7.55 |
| 2025 | 0 | 0.00 |
| 2024 | 5 | 8.80 |
It may take a day or so for new 4g300 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Tenda 4g300 Firmware Security Vulnerabilities
Tenda 4G300 SafeMacFilter Stack BoF pre 1.0.1
CVE-2026-7470
8.8 - High
- April 30, 2026
A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Stack Overflow
Tenda 4G300 /goform/DelFil Command Injection (before v1.0mt_v1.01.42_CN_TDC01)
CVE-2026-7469
6.3 - Medium
- April 30, 2026
A vulnerability was detected in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. This impacts the function sub_425A28 of the file /goform/DelFil. The manipulation of the argument delflag results in command injection. The attack may be launched remotely. The exploit is now public and may be used.
Command Injection
Tenda 4G300 1.01.42 Remote Stack Overflow (sub_429A30)
CVE-2024-4170
8.8 - High
- April 25, 2024
A vulnerability was found in Tenda 4G300 1.01.42. It has been rated as critical. This issue affects the function sub_429A30. The manipulation of the argument list1 leads to stack-based buffer overflow. The attack may be initiated remotely. The identifier VDB-261989 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Memory Corruption
Critical Stack Overflow in Tenda 4G300 1.01.42 (sub_42775C)
CVE-2024-4169
8.8 - High
- April 25, 2024
A vulnerability was found in Tenda 4G300 1.01.42. It has been declared as critical. This vulnerability affects the function sub_42775C/sub_4279CC. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The identifier of this vulnerability is VDB-261988. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Memory Corruption
Tenda 4G300 1.01.42: Remote Stack Buffer Overflow in sub_4260F0
CVE-2024-4168
8.8 - High
- April 25, 2024
A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. This affects the function sub_4260F0. The manipulation of the argument upfilen leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-261987. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Memory Corruption
Stack-based Buffer Overflow in Tenda 4G300 1.01.42 (sub_422AA4)
CVE-2024-4167
8.8 - High
- April 25, 2024
A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by this issue is the function sub_422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to stack-based buffer overflow. The attack may be launched remotely. VDB-261986 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Memory Corruption
Tenda 4G300 1.01.42 Buffer Overflow via sub_41E858 (Remote)
CVE-2024-4166
8.8 - High
- April 25, 2024
A vulnerability has been found in Tenda 4G300 1.01.42 and classified as critical. Affected by this vulnerability is the function sub_41E858. The manipulation of the argument GO/page leads to stack-based buffer overflow. The attack can be launched remotely. The identifier VDB-261985 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Tenda 4g300 Firmware or by Tenda? Click the Watch button to subscribe.
