Every CVE whose affected-product data names Tenda Ac8 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (62)
CVE-2023-40893 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.
CVE-2023-33670 — CVSS 9.8 (critical): Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sub_4a79ec function.
CVE-2023-33671 — CVSS 9.8 (critical): Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the deviceId parameter in the saveParentControlInfo function.
CVE-2023-33673 — CVSS 9.8 (critical): Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
CVE-2023-33675 — CVSS 9.8 (critical): Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the get_parentControl_list_Info function.
CVE-2023-40891 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg.
CVE-2023-40892 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at…
CVE-2023-33669 — CVSS 9.8 (critical): Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub_44db3c function.
CVE-2023-40894 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg.
CVE-2023-40895 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.
CVE-2023-40896 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind.
CVE-2023-40897 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo.
CVE-2023-40898 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg.
CVE-2023-40899 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList…
CVE-2023-40900 — CVSS 9.8 (critical): Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.
CVE-2023-4744 — CVSS 9.8 (critical): A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the…
CVE-2023-48194 — CVSS 9.8 (critical): Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing…
CVE-2024-57703 — CVSS 9.8 (critical): Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file…
CVE-2025-25663 — CVSS 9.8 (critical): A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The…
CVE-2025-25664 — CVSS 9.8 (critical): Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.
CVE-2025-25667 — CVSS 9.8 (critical): Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info.
CVE-2025-25668 — CVSS 9.8 (critical): Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_47D878 function.
CVE-2025-29100 — CVSS 9.8 (critical): Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the parameter list.
CVE-2026-4252 — CVSS 9.8 (critical): A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6…
CVE-2026-4254 — CVSS 9.8 (critical): A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file…
CVE-2024-4064 — CVSS 8.8 (high): A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. This vulnerability affects the function…
CVE-2024-4066 — CVSS 8.8 (high): A vulnerability classified as critical has been found in Tenda AC8 16.03.34.09. Affected is the function fromAdvSetMacMtuWan of the file…
CVE-2025-5798 — CVSS 8.8 (high): A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of the file…
CVE-2025-5799 — CVSS 8.8 (high): A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. Affected by this vulnerability is the function…
CVE-2024-57704 — CVSS 8.8 (high): Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file…
CVE-2025-12618 — CVSS 8.8 (high): A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The…
CVE-2025-1853 — CVSS 8.8 (high): A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file…
CVE-2026-2202 — CVSS 8.8 (high): A vulnerability was detected in Tenda AC8 16.03.33.05. Affected is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet of…
CVE-2026-2203 — CVSS 8.8 (high): A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file…
CVE-2026-3044 — CVSS 8.8 (high): A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of…
CVE-2025-4368 — CVSS 8.8 (high): A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the…
CVE-2024-10123 — CVSS 8.8 (high): A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function…
CVE-2024-10130 — CVSS 8.8 (high): A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of…
CVE-2024-11745 — CVSS 8.8 (high): A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of…
CVE-2024-4065 — CVSS 8.8 (high): A vulnerability was found in Tenda AC8 16.03.34.09. It has been rated as critical. This issue affects the function formSetRebootTimer of…
CVE-2025-51087 — CVSS 8.6 (high): Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time…
CVE-2025-55852 — CVSS 7.5 (high): Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the parameter security or security_5g.
CVE-2025-29101 — CVSS 7.5 (high): Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info…
CVE-2023-39785 — CVSS 7.5 (high): Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function.
CVE-2023-33672 — CVSS 7.5 (high): Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function.
CVE-2025-61498 — CVSS 7.5 (high): A buffer overflow in the UPnP service of Tenda AC8 Hardware v03.03.10.01 allows attackers to cause a Denial of Service (DoS) via supplying…
CVE-2023-39784 — CVSS 7.5 (high): Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function.
CVE-2023-39786 — CVSS 7.5 (high): Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function.
CVE-2025-0528 — CVSS 7.2 (high): A vulnerability, which was classified as critical, has been found in Tenda AC8, AC10 and AC18 16.03.10.20. Affected by this issue is some…
CVE-2025-51089 — CVSS 6.5 (medium): Tenda AC8V4 V16.03.34.06` was discovered to contain heap overflow at /goform/GetParentControlInfo.The manipulation of the argument `mac`…
CVE-2025-29118 — CVSS 6.5 (medium): Tenda AC8 V16.03.34.06 was discovered to contain a stack overflow via the src parameter in the function sub_47D878.
CVE-2024-10280 — CVSS 6.5 (medium): A vulnerability was found in Tenda AC6, AC7, AC8, AC9, AC10, AC10U, AC15, AC18, AC500 and AC1206 up to 20241022. It has been rated as…
CVE-2025-25510 — CVSS 6.5 (medium): Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_parentControl_list_Info function.
CVE-2025-51085 — CVSS 5.3 (medium): Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone`…
CVE-2025-51088 — CVSS 5.3 (medium): Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed`…
CVE-2025-52054 — CVSS 5.3 (medium): An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the…
CVE-2025-51082 — CVSS 5.3 (medium): Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/fast_setting_wifi_set. The manipulation of the argument…
CVE-2026-4253 — CVSS 4.7 (medium): A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route_set_user_policy_rule of the file…