Product
tenda w20e firmware
23 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-24112
CVE-2026-24110
CVE-2026-24115
CVE-2026-24114
CVE-2026-24113
CVE-2026-24111
CVE-2026-24109
CVE-2026-24108
CVE-2026-24107
CVE-2025-44867
CVE-2025-44866
CVE-2025-44865
CVE-2025-44864
CVE-2024-3874
CVE-2023-26806
CVE-2023-26805
CVE-2022-48130
CVE-2022-45997
CVE-2022-45996
CVE-2022-40868
CVE-2022-40867
CVE-2022-40866
CVE-2022-40855
all versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userI
all versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send overly long
addDhcpRules data. When these rules enteall versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the sizes of
gstup and gstdwn before concatenatinall versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate
pPortMapIndex may lead to buffer overflows when usiall versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr
all versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userI
all versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `picN
all versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr
all versions
An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of
usbPartitionName, which is directly usall versions
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetNetCheckTools function via the hostName
all versions
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level paramet
all versions
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parame
all versions
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parame
all versions
A vulnerability was found in Tenda W20E 15.11.0.6. It has been declared as critical. This vulnerability affects the function formS
all versions
Tenda W20E v15.11.0.6(US_W20EV4.0br_v15.11.0.6(1068_1546_841 is vulnerable to Buffer Overflow via function formSetSysTime,
all versions
Tenda W20E v15.11.0.6 (US_W20EV4.0br_v15.11.0.6(1068_1546_841)_CN_TDC) is vulnerable to Buffer Overflow via function formIPMacBind
all versions
Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters sta
all versions
Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow.
all versions
Tenda W20E V16.01.0.6(3392) is vulnerable to Command injection via cmd_get_ping_output.
all versions
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the funct
all versions
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the funct
all versions
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the funct
all versions
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping