Tenda A18
11 CVEs affecting Tenda A18. Latest disclosed: 2026-02-22. Critical: 1, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-50585 | Critical | 9.8 | 2024-01-09 | Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. |
CVE-2026-2877 | High | 8.8 | 2026-02-21 | A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The… |
CVE-2026-2876 | High | 8.8 | 2026-02-21 | A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of… |
CVE-2024-32305 | High | 8.8 | 2024-04-17 | Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. |
CVE-2023-39829 | High | 7.5 | 2023-08-14 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the wpapsk_crypto2_4g parameter in the fromSetWirelessRepeat function. |
CVE-2023-39828 | High | 7.5 | 2023-08-14 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the security parameter in the formWifiBasicSet function. |
CVE-2023-39827 | High | 7.5 | 2023-08-14 | Tenda A18 V15.13.07.09 was discovered to contain a stack overflow via the rule_info parameter in the formAddMacfilterRule function. |
CVE-2022-44932 | High | 7.5 | 2022-12-08 | An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the Telnet service. |
CVE-2022-44931 | High | 7.5 | 2022-12-08 | Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. |
CVE-2025-0848 | Medium | 6.5 | 2025-01-30 | A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetC… |
CVE-2026-2930 | Medium | 6.3 | 2026-02-22 | A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the compone… |