Tenda Rx9 Pro Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Tenda Rx9 Pro Firmware.
By the Year
In 2026 there have been 1 vulnerability in Tenda Rx9 Pro Firmware. Rx9 Pro Firmware did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 4 | 8.80 |
It may take a day or so for new Rx9 Pro Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Tenda Rx9 Pro Firmware Security Vulnerabilities
Tenda G300-F Router OS Command Injection in formSetWanDiag before 16.01.14.2
CVE-2026-25857
- February 07, 2026
Tenda G300-F router firmware version 16.01.14.2 and prior contain an OS command injection vulnerability in the WAN diagnostic functionality (formSetWanDiag). The implementation constructs a shell command that invokes curl and incorporates attacker-controlled input into the command line without adequate neutralization. As a result, a remote attacker with access to the affected management interface can inject additional shell syntax and execute arbitrary commands on the device with the privileges of the management process.
Shell injection
BUF OVF in Tenda RX9 Pro 22.03.02.20 GOFORM /setMacFilterCfg
CVE-2024-10351
8.8 - High
- October 25, 2024
A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Memory Corruption
Tenda RX9 RX9 Pro 22.03.02.20 Buffer Overflow in SetNetControlList
CVE-2024-10283
8.8 - High
- October 23, 2024
A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Memory Corruption
Tenda RX9/Pro 22.x Buffer Overflow Remote RCE (CVE-2024-10282)
CVE-2024-10282
8.8 - High
- October 23, 2024
A vulnerability classified as critical was found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected by this vulnerability is the function sub_42EA38 of the file /goform/SetVirtualServerCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Memory Corruption
Stack Buffer Overflow in RX9/RX9 Pro 22.03.02.10-20 sub_42EEE0 SetRouteCFG
CVE-2024-10281
8.8 - High
- October 23, 2024
A vulnerability classified as critical has been found in Tenda RX9 and RX9 Pro 22.03.02.10/22.03.02.20. Affected is the function sub_42EEE0 of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Tenda Rx9 Pro Firmware or by Tenda? Click the Watch button to subscribe.
