Tenda G3 Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Tenda G3 Firmware.
By the Year
In 2026 there have been 0 vulnerabilities in Tenda G3 Firmware. G3 Firmware did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 5 | 9.80 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 9.80 |
It may take a day or so for new G3 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Tenda G3 Firmware Security Vulnerabilities
Hardcoded Root Password in Tenda G3 v15.01.0.5 (/etc_ro/shadow)
CVE-2024-48192
- October 17, 2024
Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root
Tenda G3 15.11.0.20 StackBufferOverflow in sysTimePolicy
CVE-2024-8225
9.8 - Critical
- August 27, 2024
A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Memory Corruption
Tenda G3 15.11.0.20 Stack Bof in formSetDebugCfg (/goform/setDebugCfg)
CVE-2024-8224
9.8 - Critical
- August 27, 2024
A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.20. This issue affects the function formSetDebugCfg of the file /goform/setDebugCfg. The manipulation of the argument enable/level/module leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Memory Corruption
Stack Overflow in Tenda G3 DHCP Rule (before 15.11.0.17)
CVE-2024-4165
9.8 - Critical
- April 25, 2024
A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.17(9502). Affected is the function modifyDhcpRule of the file /goform/modifyDhcpRule. The manipulation of the argument bindDhcpIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261984. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Stack Overflow
Tenda G3 15.11.0.17 Buffer Overflow in formModifyPppAuthWhiteMac (stack, remote)
CVE-2024-4164
9.8 - Critical
- April 25, 2024
A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.17(9502). This issue affects the function formModifyPppAuthWhiteMac of the file /goform/ModifyPppAuthWhiteMac. The manipulation of the argument pppoeServerWhiteMacIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261983. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Stack Overflow
Buffer Overflow in Tenda G3 Router httpd (v15.11.0.6)
CVE-2022-36587
9.8 - Critical
- September 07, 2022
In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Tenda G3 Firmware or by Tenda? Click the Watch button to subscribe.
