Tenda Vulnerabilities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single items and item collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Prioritizing items becomes possible.

Type

The moderation team is working with the threat intelligence team to categorize software that is affected by security vulnerabilities. This helps to illustrate the assignment of these categories to determine the most affected software types.

Product

Tenda AC687
Tenda AC1886
Tenda AC983
Tenda AC1580
Tenda AC1077

Grouping vulnerabilities by products helps to get an overview. This makes it possible to determine an homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix9
Temporary Fix0
Workaround4
Unavailable0
Not Defined1337

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These can be distinguished between multiple forms and levels of remediation which influence risks differently.

Exploitability

High3
Functional1
Proof-of-Concept328
Unproven0
Not Defined1018

Researcher and attacker which are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine simplicity and strength of attacks.

Access Vector

Not Defined0
Physical2
Local19
Adjacent709
Network620

The approach a vulnerability it becomes important to use the expected access vector. This is typically via the network, local, or physically even.

Authentication

Not Defined0
High26
Low1223
None101

To exploit a vulnerability a certail level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined0
Required22
None1328

Some attack scenarios require some user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

C3BM Index

Our unique C3BM Index (CVSSv3 Base Meta Index) cumulates the CVSSv3 Meta Base Scores of all entries over time. Comparing this index to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

CVSSv3 Base

≤10
≤20
≤30
≤438
≤524
≤6183
≤7282
≤8403
≤9337
≤1083

The Common Vulnerability Scoring System (CVSS) is an industry standard to define the characteristics and impacts of security vulnerabilities. The base score represents the intrinsic aspects that are constant over time and across user environments. Our unique meta score merges all available scores from different sources to aggregate to the most reliable result.

CVSSv3 Temp

≤10
≤20
≤30
≤438
≤535
≤6181
≤7298
≤8432
≤9335
≤1031

The Common Vulnerability Scoring System (CVSS) uses temp scores to reflect the characteristics of a vulnerability that may change over time but not across user environments. This includes reporting confidence, exploitability and remediation levels. We do also provide our unique meta score for temp scores, even though other sources rarely publish them.

VulDB

≤10
≤20
≤32
≤473
≤540
≤6654
≤7148
≤856
≤9365
≤1012

The moderation team is always defining the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

NVD

≤10
≤20
≤30
≤41
≤54
≤613
≤722
≤8244
≤9157
≤10468

The National Vulnerability Database (NVD) is also defining CVSS vectors and scores. These are usually not complete and might differ from VulDB scores.

CNA

≤10
≤20
≤30
≤40
≤519
≤617
≤761
≤846
≤9218
≤1056

A CVE Numbering Authority (CNA) is responsible for assigning new CVE entries. They might also include a CVSS score. These are usually not complete and might differ from VulDB scores.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Some vendors are willing to publish their own CVSS vectors and scores for vulnerabilities in their products. The coverage varies from vendor to vendor.

Research

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤80
≤90
≤101

There are sometimes also security researcher which provide their own CVSS vectors and scores for vulnerabilities they have found and published.

Exploit 0-day

<1k89
<2k494
<5k767
<10k0
<25k0
<50k0
<100k0
≥100k0

The moderation team is working with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day prices for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability broker and compared to prices we see on exploit markets.

Exploit Today

<1k912
<2k287
<5k151
<10k0
<25k0
<50k0
<100k0
≥100k0

The 0-day prices do not consider time-relevant factors. The today price does reflect price impacts like disclosure of vulnerability details, alternative exploits, availability of countermeasures. These dynamic aspects might decrease the exploit prices over time. Under certain circumstances this happens very fast.

Exploit Market Volume

Our unique calculation of exploit prices makes it possible to forecast the expected exploit market volume. The calculated prices for all possible 0-day expoits are cumulated for this task. Comparing the volume to the amount of disclosed vulnerabilities helps to pinpoint the most important events.

🔴 CTI Activities

Our unique Cyber Threat Intelligence aims to determine the ongoing research of actors to anticipiate their acitivities. Observing exploit markets on the Darknet, discussions of vulnerabilities on mailinglists, and exchanges on social media makes it possible to identify planned attacks. Monitored actors and activities are classified whether they are offensive or defensive. They are also weighted as some actors are well-known for certain products and technologies. And some of their disclosures might contain more or less details about technical aspects and personal context. The world map highlights active actors in real-time.

Affected Products (115): 4G300 (6), 11N (1), A5s (1), A15 (17), A18 (8), A32 (1), A301 (5), AC-10U AC1200 (1), AC5 (27), AC5 AC1200 (1), AC6 (87), AC6V2 (4), AC7 (50), AC7 1200M (1), AC8 (32), AC8V4 (8), AC8v4 (4), AC9 (83), AC9 Router AC1200 (2), AC10 (77), AC10 V4 (1), AC10-1200 (3), AC10U (38), AC10V4 (1), AC11 (9), AC15 (80), AC15V1.0 (2), AC18 (86), AC19 (1), AC21 (13), AC23 (22), AC118 (6), AC500 (15), AC1200 (23), AC1206 (35), AC1900 (5), ADSL2-2+ Modem D840R (1), ADSL Modem (1), AX2 Pro (1), AX2L Pro (1), AX2pro (1), AX3 (34), AX9 (9), AX12 (27), AX12 v1.0 (1), AX1803 (50), AX1806 (50), CH22 (2), CP3 (7), CP7 (1), D152 (1), D820R ADSL2-2+ Modem (1), F1200 (2), F1202 (25), F1203 (33), FH451 (4), FH1201 (28), FH1202 (42), FH1203 (31), FH1205 (26), FH1206 (38), G0 (1), G1 (25), G3 (37), G103 (3), HG6 (1), IT7-LCS (1), IT7-PCS (1), IT7-PRS (1), M3 (35), N300 F3 (2), N300 Wireless N VDSL2 Modem Router (1), N301 (2), N301 Wireless Router (2), O1 (2), O3 (7), O3V2 (2), O4 (1), O5 (1), O6 (4), ONT GPON AC1200 (1), PA6 (1), PA6 Wi-Fi Powerline Extender (3), PA202 (2), PW201A (2), RX3 (8), RX9 (3), RX9 Pro (6), RX9_Pro (3), TX3 (12), TX9 (6), TX9 Pro (4), Tenda A15 (1), Tenda AX12 (1), Tenda W30E (2), Tenda i22 (1), W6 (8), W6-S (6), W6_S (2), W9 (19), W12 (4), W15E (15), W15EV1 (5), W18E (14), W20E (10), W30E (45), WH450 (1), WIFI6L Pro (1), i6 (6), i9 (10), i12 (4), i21 (19), i22 (15), i24 (4), i29 (11)

Link to Vendor Website: https://www.tenda.com.cn/

PublishedBaseTempVulnerabilityProdExpCouEPSSCTICVE
04/19/20258.88.4Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.000463.17CVE-2025-3820
04/18/20258.88.4Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.000461.05CVE-2025-3803
04/18/20258.88.4Tenda W12/i24 httpd cgiPingSet stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.000462.93CVE-2025-3802
04/18/20258.88.0Tenda AC15 WifiExtraSet fromSetWirelessRepeat buffer overflowRouter Operating SystemProof-of-ConceptNot defined0.000460.00CVE-2025-3786
04/17/20258.88.5Tenda AC10 AdvSetMacMtuWan buffer overflowRouter Operating SystemNot definedNot defined0.000400.00CVE-2025-25454
04/17/20258.88.5Tenda AC10 AdvSetMacMtuWan buffer overflowRouter Operating SystemNot definedNot defined0.000400.00CVE-2025-25455
04/17/20258.88.5Tenda AC10 AdvSetMacMtuWan buffer overflowRouter Operating SystemNot definedNot defined0.000400.00CVE-2025-25457
04/16/20258.88.0Tenda W12 httpd cgiWifiRadioSet stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.000460.23CVE-2025-3693
04/16/20258.88.5Tenda AC10 AdvSetMacMtuWan buffer overflowRouter Operating SystemNot definedNot defined0.000310.15CVE-2025-25453
04/16/20258.88.5Tenda AC10 AdvSetMacMtuWan buffer overflowRouter Operating SystemNot definedNot defined0.000310.00CVE-2025-25458
04/15/20258.88.5Tenda AC10 AdvSetMacMtuWan buffer overflowRouter Operating SystemNot definedNot defined0.000430.11CVE-2025-25456
04/06/20258.88.0Tenda AC7 SetPptpServerCfg formSetPPTPServer buffer overflowRouter Operating SystemProof-of-ConceptNot defined0.000480.11CVE-2025-3346
04/06/20258.88.4Tenda AC1206 fast_setting_wifi_set form_fast_setting_wifi_set buffer overflowRouter Operating SystemProof-of-ConceptNot defined0.000840.11CVE-2025-3328
04/04/20258.88.0Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.001140.37CVE-2025-3259
04/04/20258.88.8Tenda AC15 HTTP Request webCgiGetUploadFile buffer overflowRouter Operating SystemNot definedNot defined0.000560.16CVE-2025-29462
04/03/20255.34.8Tenda FH1202 wrlwpsset access controlRouter Operating SystemProof-of-ConceptNot defined0.000400.13CVE-2025-3237
04/03/20255.34.8Tenda FH1202 Web Management Interface VirSerDMZ access controlRouter Operating SystemProof-of-ConceptNot defined0.000400.00CVE-2025-3236
04/03/20254.34.1Tenda W18E setModules formSetAccountList stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.000560.09CVE-2025-3203
04/03/20256.55.9Tenda AC23 API Interface VerAPIMant denial of serviceRouter Operating SystemProof-of-ConceptNot defined0.000620.12CVE-2025-3167
04/03/20258.88.0Tenda AC10 ShutdownSetAdd stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.000600.24CVE-2025-3161
03/30/20255.35.1Tenda FH1202 Web Management Interface SysToolDDNS access controlRouter Operating SystemProof-of-ConceptNot defined0.001190.00CVE-2025-2996
03/30/20255.35.0Tenda FH1202 Web Management Interface SysToolChangePwd access controlRouter Operating SystemProof-of-ConceptNot defined0.000710.09CVE-2025-2995
03/30/20255.34.8Tenda FH1202 Web Management Interface qossetting access controlRouter Operating SystemProof-of-ConceptNot defined0.000710.06CVE-2025-2994
03/30/20255.34.7Tenda FH1202 default.cfg access controlRouter Operating SystemProof-of-ConceptWorkaround0.000380.09CVE-2025-2993
03/30/20255.35.0Tenda FH1202 Web Management Interface AdvSetWrlsafeset access controlRouter Operating SystemProof-of-ConceptNot defined0.001190.31CVE-2025-2992
03/30/20255.35.0Tenda FH1202 Web Management Interface AdvSetWrlmacfilter access controlRouter Operating SystemProof-of-ConceptNot defined0.001190.21CVE-2025-2991
03/30/20255.35.0Tenda FH1202 Web Management Interface AdvSetWrlGstset access controlRouter Operating SystemProof-of-ConceptNot defined0.000710.00CVE-2025-2990
03/30/20255.35.0Tenda FH1202 Web Management Interface AdvSetWrl access controlRouter Operating SystemProof-of-ConceptNot defined0.000710.09CVE-2025-2989
03/28/20254.34.2Tenda W6_S HTTP POST Request set_local_time buffer overflowRouter Operating SystemNot definedNot defined0.000590.09CVE-2025-28221
03/28/20258.88.5Tenda W6_S POST Request setcfm buffer overflowRouter Operating SystemNot definedNot defined0.000590.09CVE-2025-28220
03/25/20258.88.5Tenda AC8 fromSetRouteStatic buffer overflowRouter Operating SystemNot definedNot defined0.000460.19CVE-2025-29100
03/25/20258.88.5Tenda AC7 formWifiBasicSet stack-based overflowRouter Operating SystemNot definedNot defined0.002560.09CVE-2025-29135
03/20/20258.88.5Tenda AX12 SetNetControlList sub_43fdcc stack-based overflowRouter Operating SystemNot definedNot defined0.000450.13CVE-2025-29215
03/20/20258.88.5Tenda i12 formSetAutoPing buffer overflowRouter Operating SystemNot definedNot defined0.000550.38CVE-2025-29149
03/20/20256.56.3Tenda W18E HTTP POST Request setModules stack-based overflowRouter Operating SystemNot definedNot defined0.000500.07CVE-2025-29217
03/20/20256.55.9Tenda W18E HTTP POST Request setModules stack-based overflowRouter Operating SystemProof-of-ConceptNot defined0.000450.40CVE-2025-29218
03/20/20258.88.5Tenda AC6 fast_setting_wifi_set stack-based overflowRouter Operating SystemNot definedNot defined0.000550.08CVE-2025-29121
03/20/20258.88.5Tenda AX12 setMacFilterCfg sub_42F69C stack-based overflowRouter Operating SystemNot definedNot defined0.000550.00CVE-2025-29214
03/20/20258.88.5Tenda AC8 get_parentControl_list_Info stack-based overflowRouter Operating SystemNot definedNot defined0.000530.07CVE-2025-29101
03/19/20258.88.5Tenda AC8 sub_47D878 stack-based overflowRouter Operating SystemNot definedNot defined0.000260.07CVE-2025-29118
03/19/20258.88.5Tenda AC7 form_fast_setting_wifi_set buffer overflowRouter Operating SystemNot definedNot defined0.000610.00CVE-2025-29137
03/14/20258.07.8Tenda AC9 AdvSetMacMtuWan stack-based overflowRouter Operating SystemNot definedNot defined0.001590.25CVE-2025-29387
03/14/20259.39.1Tenda AC9 AdvSetMacMtuWan stack-based overflowRouter Operating SystemNot definedNot defined0.039170.11CVE-2025-29384
03/14/20259.39.1Tenda AC9 AdvSetMacMtuWan stack-based overflowRouter Operating SystemNot definedNot defined0.003080.15CVE-2025-29386
03/14/20259.39.1Tenda AC9 AdvSetMacMtuWan stack-based overflowRouter Operating SystemNot definedNot defined0.003080.10CVE-2025-29385
03/14/20257.67.5Tenda AC6 formSetSpeedWan buffer overflowRouter Operating SystemNot definedNot defined0.000570.13CVE-2025-29029
03/14/20255.55.3Tenda AC9 formWifiWpsOOB buffer overflowRouter Operating SystemNot definedNot defined0.000310.00CVE-2025-29032
03/14/20257.67.5Tenda AC6 fromAddressNat buffer overflowRouter Operating SystemNot definedNot defined0.000570.08CVE-2025-29031
03/14/20257.67.5Tenda AC6 formWifiWpsOOB buffer overflowRouter Operating SystemNot definedNot defined0.000570.00CVE-2025-29030
03/13/20256.56.3Tenda RX3 Packet SetPptpServerCfg denial of serviceRouter Operating SystemNot definedNot defined0.000300.05CVE-2025-29357

1300 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!