Vulnerabilities in Tenda

762 results
Vexday analysis

O portfólio de vulnerabilidades da Tenda acumula 757 CVEs catalogadas, volume expressivo que, aliado às 116 entradas surgidas nos últimos 90 dias, indica ritmo elevado de descobertas recentes e superfície de ataque em expansão. Embora nenhuma vulnerabilidade conste no catálogo KEV da CISA — taxa abaixo da média geral do catálogo —, a existência de 130 CVEs com prova de conceito pública representa risco operacional concreto, pois reduz significativamente a barreira para exploração oportunista. O tipo de falha mais frequente é CWE-121 (stack-based buffer overflow), classe que historicamente viabiliza execução remota de código em dispositivos de rede embarcados. A CVE mais perigosa em destaque atualmente é CVE-2024-10697, com score EPSS de 0,2551, indicando probabilidade não trivial de exploração e merecedora de atenção prioritária em planos de remediação.

CVE-2026-2873HIGHTenda A21 openSchedWifi setSchedWifi stack-based overflowEPSS 0.6%CVE-2026-2874HIGHTenda A21 fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflowEPSS 0.6%CVE-2025-14286MEDIUMTenda AC9 Configuration File DownloadCfg.jpg information disclosureEPSS 0.6%CVE-2026-8138HIGHTenda CX12L SetPptpServerCfg” formSetPPTPServer stack-based overflowEPSS 0.6%CVE-2026-3678HIGHTenda FH451 AdvSetWan sub_3C434 stack-based overflowEPSS 0.6%CVE-2025-2992MEDIUMTenda FH1202 Web Management Interface AdvSetWrlsafeset access controlEPSS 0.6%CVE-2026-5036HIGHTenda 4G06 Endpoint DhcpListClient fromDhcpListClient stack-based overflowEPSS 0.6%CVE-2026-2908HIGHTenda HG9 Loopback Detection Configuration Endpoint formLoopBack stack-based overflowEPSS 0.6%CVE-2026-2907HIGHTenda HG9 GPON Configuration Endpoint formgponConf stack-based overflowEPSS 0.6%CVE-2025-2990MEDIUMTenda FH1202 Web Management Interface AdvSetWrlGstset access controlEPSS 0.6%CVE-2025-2989MEDIUMTenda FH1202 Web Management Interface AdvSetWrl access controlEPSS 0.6%CVE-2026-2909HIGHTenda HG9 Diagnostic Ping Endpoint formPing stack-based overflowEPSS 0.6%CVE-2026-2886HIGHTenda A21 SetOnlineDevName set_device_name stack-based overflowEPSS 0.6%CVE-2025-2994MEDIUMTenda FH1202 Web Management Interface qossetting access controlEPSS 0.6%CVE-2026-2905HIGHTenda HG9 Wireless Configuration Endpoint formWlanSetup stack-based overflowEPSS 0.6%CVE-2026-2180HIGHTenda RX3 fast_setting_wifi_set stack-based overflowEPSS 0.6%CVE-2026-6631HIGHTenda F451 httpd webExcptypemanFilter fromwebExcptypemanFilter buffer overflowEPSS 0.5%CVE-2026-2148MEDIUMTenda AC21 Web Management DownloadFlash information disclosureEPSS 0.5%CVE-2025-2991MEDIUMTenda FH1202 Web Management Interface AdvSetWrlmacfilter access controlEPSS 0.5%CVE-2026-6122HIGHTenda F451 httpd L7Prot frmL7ProtForm stack-based overflowEPSS 0.5%