Tenda Security Vulnerabilities (CVEs)
Track 746 security vulnerabilities affecting Tenda products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A stack-based buffer overflow vulnerability in Tenda AC15 routers allows remote attackers to execute arbitrary code by manipulating the wpapsk_crypto2...
Mar 2, 2026A buffer overflow vulnerability in Tenda F453 routers allows remote attackers to execute arbitrary code or cause denial of service by sending speciall...
Mar 1, 2026A buffer overflow vulnerability in Tenda F453 routers allows remote attackers to execute arbitrary code by sending specially crafted requests to the h...
Mar 1, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda F453 routers by exploiting a buffer overflow in the frmL7ImForm function...
Mar 1, 2026CVE-2026-3378 is a remote buffer overflow vulnerability in Tenda F453 routers affecting the qossetting function. Attackers can exploit this flaw remot...
Mar 1, 2026A buffer overflow vulnerability in Tenda F453 routers allows remote attackers to execute arbitrary code by manipulating the 'page' parameter in the fr...
Mar 1, 2026A buffer overflow vulnerability in Tenda F453 routers allows remote attackers to execute arbitrary code by manipulating the 'page' parameter in the Sa...
Feb 28, 2026A buffer overflow vulnerability in Tenda F453 routers allows remote attackers to execute arbitrary code by manipulating the 'page' parameter in the Sa...
Feb 25, 2026A buffer overflow vulnerability in Tenda F453 routers allows remote attackers to execute arbitrary code by manipulating the 'page' argument in the fro...
Feb 25, 2026A buffer overflow vulnerability in Tenda F453 routers allows remote attackers to execute arbitrary code by manipulating the 'page' argument in the Nat...
Feb 25, 2026A stack-based buffer overflow vulnerability in Tenda AC8 routers allows remote attackers to execute arbitrary code by manipulating the boundary argume...
Feb 24, 2026This clickjacking vulnerability in Tenda F3 router's web interface allows malicious websites to embed the admin panel in invisible frames. An authenti...
Feb 23, 2026This CSRF vulnerability in Tenda F3 router firmware allows attackers to trick authenticated administrators into making unauthorized configuration chan...
Feb 23, 2026A stack-based buffer overflow vulnerability in Tenda A18 routers allows remote attackers to execute arbitrary code by manipulating the boundary argume...
Feb 22, 2026A remote stack-based buffer overflow vulnerability in Tenda HG9 routers allows attackers to execute arbitrary code by manipulating the pingAddr parame...
Feb 22, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda HG9 routers via a stack-based buffer overflow in the Diagnostic Ping End...
Feb 22, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda HG9 routers via a stack-based buffer overflow in the GPON configuration ...
Feb 22, 2026A stack-based buffer overflow vulnerability in Tenda HG9 routers allows remote attackers to execute arbitrary code by manipulating the ssid parameter ...
Feb 22, 2026A stack-based buffer overflow vulnerability in Tenda A18 routers allows remote attackers to execute arbitrary code by exploiting the strcpy function i...
Feb 21, 2026A stack-based buffer overflow vulnerability in Tenda A21 routers allows remote attackers to execute arbitrary code by manipulating the SSID parameter....
Feb 21, 2026A stack-based buffer overflow vulnerability in Tenda A21 routers allows remote attackers to execute arbitrary code by manipulating time parameters in ...
Feb 21, 2026CVE-2026-2871 is a remote stack-based buffer overflow vulnerability in Tenda A21 routers. Attackers can exploit this to execute arbitrary code or cras...
Feb 21, 2026A stack-based buffer overflow vulnerability in Tenda A21 routers allows remote attackers to execute arbitrary code by manipulating the QoS configurati...
Feb 21, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda TX3 routers via a buffer overflow in the SetIpMacBind function. Attacker...
Feb 8, 2026This CVE describes an OS command injection vulnerability in Tenda G300-F router firmware that allows remote attackers to execute arbitrary commands on...
Feb 7, 2026The Tenda AX12 Pro V2 router contains hard-coded credentials in its Telnet service, allowing remote attackers to gain unauthorized access. This affect...
Jan 29, 2026This CVE describes an insecure CORS policy in Tenda W30E V2 routers that allows attacker-controlled websites to make authenticated cross-origin reques...
Jan 26, 2026This vulnerability allows attackers to perform unlimited brute-force attacks against administrative credentials on Tenda W30E V2 routers. Attackers ca...
Jan 26, 2026This vulnerability allows browsers to cache sensitive administrative pages from Tenda W30E V2 routers, potentially storing credentials locally. Attack...
Jan 26, 2026Tenda W30E V2 routers with vulnerable firmware lack the X-Content-Type-Options: nosniff header on web management interfaces. This allows attackers to ...
Jan 26, 2026This vulnerability allows unauthorized password changes on Tenda W30E V2 routers without verifying the current password. Attackers who gain access to ...
Jan 26, 2026This vulnerability allows authenticated low-privileged users to change the administrator password on Tenda W30E V2 routers by exploiting an authorizat...
Jan 26, 2026This vulnerability allows attackers to use hardcoded default credentials to gain administrative access to Tenda W30E V2 routers. Anyone using affected...
Jan 26, 2026This vulnerability exposes administrative credentials in plaintext within HTTP responses from the Tenda W30E V2 router's maintenance interface. Attack...
Jan 26, 2026The Tenda W30E V2 router firmware exposes stored user account passwords in plaintext within the administrative web interface. Any authenticated user w...
Jan 26, 2026This CSRF vulnerability in Tenda W30E V2 routers allows attackers to trick authenticated administrators into unknowingly executing malicious requests....
Jan 26, 2026This stored cross-site scripting vulnerability in Tenda W30E V2 routers allows attackers to inject malicious scripts into user creation fields. When a...
Jan 26, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda AC23 routers via a buffer overflow in the WifiExtraSet function. Attacke...
Jan 26, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda AX3 routers by exploiting a stack-based buffer overflow in the formGetIp...
Jan 22, 2026A stack-based buffer overflow vulnerability in Tenda AX1803 routers allows remote attackers to execute arbitrary code by manipulating parameters in th...
Jan 22, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda AX3 routers by exploiting a stack overflow in the formSetIptv function. ...
Jan 21, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda AX3 routers by exploiting a stack overflow in the formSetIptv function v...
Jan 21, 2026This vulnerability allows remote attackers to execute arbitrary code on Tenda AX3 routers by exploiting a stack-based buffer overflow in the formGetIp...
Jan 21, 2026This vulnerability allows remote attackers to download router configuration files without authentication on Tenda D151 and D301 routers. Attackers can...
Jan 21, 2026Tenda AX1803 routers running firmware v1.0.0.1 contain a stack overflow vulnerability in the security_5g parameter handling. Attackers can send crafte...
Jan 21, 2026Tenda AX-1806 routers running firmware v1.0.0.1 contain a stack overflow vulnerability in the time parameter handling. Attackers can exploit this to c...
Jan 21, 2026Tenda AX1803 routers running firmware v1.0.0.1 contain a stack overflow vulnerability in the security parameter handling. Attackers can send crafted r...
Jan 21, 2026This CVE describes a stack overflow vulnerability in Tenda AX-1806 routers that allows attackers to cause Denial of Service (DoS) by sending specially...
Jan 21, 2026CVE-2025-70650 is a stack overflow vulnerability in Tenda AX-1806 routers that allows attackers to cause a Denial of Service (DoS) by sending speciall...
Jan 21, 2026A stack overflow vulnerability in Tenda AX-1803 routers allows attackers to cause Denial of Service (DoS) by sending specially crafted requests to the...
Jan 21, 2026Why Monitor Tenda Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 746+ known vulnerabilities affecting Tenda products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Tenda packages in under 60 seconds. No agents required - completely agentless scanning that works across Tenda deployments.
Free vulnerability database: Access detailed information about every Tenda CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Tenda CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
