Vulnerabilities in Tenda

762 results
Vexday analysis

O portfólio de vulnerabilidades da Tenda acumula 757 CVEs catalogadas, volume expressivo que, aliado às 116 entradas surgidas nos últimos 90 dias, indica ritmo elevado de descobertas recentes e superfície de ataque em expansão. Embora nenhuma vulnerabilidade conste no catálogo KEV da CISA — taxa abaixo da média geral do catálogo —, a existência de 130 CVEs com prova de conceito pública representa risco operacional concreto, pois reduz significativamente a barreira para exploração oportunista. O tipo de falha mais frequente é CWE-121 (stack-based buffer overflow), classe que historicamente viabiliza execução remota de código em dispositivos de rede embarcados. A CVE mais perigosa em destaque atualmente é CVE-2024-10697, com score EPSS de 0,2551, indicando probabilidade não trivial de exploração e merecedora de atenção prioritária em planos de remediação.

CVE-2026-4492HIGHTenda A18 Pro formSetQosBand set_qosMib_list stack-based overflowEPSS 0.6%CVE-2026-7080HIGHTenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflowEPSS 0.6%CVE-2026-7101HIGHTenda F456 httpd WrlclientSet fromWrlclientSet buffer overflowEPSS 0.6%CVE-2025-32010HIGHA stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP EPSS 0.6%CVE-2025-14995HIGHTenda FH1201 SetIpBind sprintf stack-based overflowEPSS 0.6%CVE-2025-14994HIGHTenda FH1201/FH1206 HTTP Request webtypelibrary strcat stack-based overflowEPSS 0.6%CVE-2025-14992HIGHTenda AC18 HTTP Request GetParentControlInfo strcpy stack-based overflowEPSS 0.6%CVE-2026-4008HIGHTenda W3 POST Parameter wifiSSIDset stack-based overflowEPSS 0.6%CVE-2026-3973HIGHTenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflowEPSS 0.6%CVE-2026-3801HIGHTenda i3 setAutoPing formSetAutoPing stack-based overflowEPSS 0.6%CVE-2025-15217HIGHTenda AC23 HTTP POST Request formSetPPTPUserList buffer overflowEPSS 0.6%CVE-2026-3976HIGHTenda W3 POST Parameter WifiMacFilterSet formWifiMacFilterSet stack-based overflowEPSS 0.6%CVE-2026-3971HIGHTenda i3 wifiSSIDset formwrlSSIDset stack-based overflowEPSS 0.6%CVE-2026-4493HIGHTenda A18 Pro MAC Filtering Configuration Endpoint setMacFilterCfg sub_423B50 stack-based overflowEPSS 0.6%CVE-2025-15231HIGHTenda M3 setVlanInfo formSetRemoteVlanInfo stack-based overflowEPSS 0.6%CVE-2025-14656HIGHTenda AC20 openSchedWifi httpd buffer overflowEPSS 0.6%CVE-2026-4902HIGHTenda AC5 POST Request addressNat fromAddressNat memory corruptionEPSS 0.6%CVE-2026-4905HIGHTenda AC5 POST Request WifiWpsOOB formWifiWpsOOB stack-based overflowEPSS 0.6%CVE-2026-3802HIGHTenda i3 exeCommand formexeCommand stack-based overflowEPSS 0.6%CVE-2026-3732HIGHTenda F453 exeCommand strcpy stack-based overflowEPSS 0.6%