Skip to main content

Tenda

Vendor security scorecard – 254 CVEs in the selected period

Period: 30d 90d 6m 1y All
Risk 2169
254
CVEs
22
Critical
195
High
0
KEV
143
PoC
216
Unpatched C/H
0.4%
Patch Rate
0.2%
Avg EPSS

Severity Breakdown

CRITICAL
22
HIGH
195
MEDIUM
19
LOW
17

Monthly CVE Trend

Top Risky CVEs

CVE Summary Severity CVSS EPSS Priority Signals
CVE-2025-69762 Tenda AX3 firmware v16.03.12.11 has a stack overflow in formSetIptv via the list parameter, enabling remote attackers to crash the router or execute arbitrary code. CRITICAL 9.8 0.4% 69
PoC No patch
CVE-2025-69763 Tenda AX3 firmware has a second stack overflow in formSetIptv via the vlanId parameter, allowing remote code execution through the IPTV configuration endpoint. CRITICAL 9.8 0.4% 69
PoC No patch
CVE-2025-69766 Tenda AX3 firmware has a third stack-based buffer overflow in formGetIptv, allowing unauthenticated remote code execution through the router's web interface. CRITICAL 9.8 0.4% 69
PoC No patch
CVE-2025-69764 Tenda AX3 firmware has another stack-based buffer overflow in formGetIptv through a different input path, enabling remote code execution. CRITICAL 9.8 0.1% 69
PoC No patch
CVE-2018-25316 Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.3 0.0% 67
PoC No patch
CVE-2018-25317 Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.3 0.0% 67
PoC No patch
CVE-2018-25318 Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. CRITICAL 9.3 0.0% 67
PoC No patch
CVE-2026-4252 A critical authentication bypass vulnerability exists in Tenda AC8 router firmware version 16.03.50.11 where the IPv6 handler function check_is_ipv6 relies on IP address for authentication, allowing remote attackers to gain unauthorized access. The vulnerability has a publicly available proof-of-concept exploit on GitHub and scores 9.8 CVSS, enabling complete compromise of the affected device with no authentication required. While not currently listed in CISA KEV, the combination of public exploit availability and ease of exploitation makes this a high-priority vulnerability for organizations using affected Tenda routers. HIGH 8.9 0.1% 65
PoC No patch
CVE-2026-4567 Stack-based buffer overflow in Tenda A15 router firmware version 15.13.07.13 allows unauthenticated remote attackers to achieve complete system compromise through a malicious file upload to the UploadCfg function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires no user interaction and can be executed over the network with trivial complexity. HIGH 8.9 0.1% 65
PoC No patch
CVE-2026-15695 Stack-based buffer overflow in the Tenda BE12 Pro Wi-Fi router (firmware 16.03.66.23) lets an attacker corrupt the stack by supplying an oversized 'page' argument to the /goform/DhcpListClient web endpoint handled by the fromDhcpListClient function. The flaw is reachable over the network and publicly available exploit code exists (disclosed via VulDB), though it is not listed in CISA KEV and no EPSS score was provided. Per the supplied CVSS 4.0 vector (PR:L) the attack requires low-level authentication to the device, and successful exploitation can crash the router or potentially achieve arbitrary code execution. HIGH 7.4 0.8% 58
PoC No patch
CVE-2025-69765 Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution. [CVSS 7.5 HIGH] HIGH 7.5 0.3% 58
PoC No patch
CVE-2025-70645 Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetWifiMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH] HIGH 7.5 0.1% 58
PoC No patch
CVE-2025-70650 Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH] HIGH 7.5 0.1% 58
PoC No patch
CVE-2025-70651 Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH] HIGH 7.5 0.1% 58
PoC No patch
CVE-2025-70644 Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the time parameter of the sub_60CFC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. [CVSS 7.5 HIGH] HIGH 7.5 0.1% 58
PoC No patch

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy