Every CVE whose affected-product data names Tenda Ax1806 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (61)
CVE-2024-35571 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.
CVE-2024-44565 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set.
CVE-2024-44551 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.
CVE-2024-44552 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
CVE-2024-44553 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv.
CVE-2024-44555 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.
CVE-2024-44556 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.
CVE-2024-44557 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.
CVE-2024-44558 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo.
CVE-2022-34597 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
CVE-2024-35580 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.
CVE-2024-40414 — CVSS 9.8 (critical): A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer…
CVE-2024-40415 — CVSS 9.8 (critical): A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer…
CVE-2024-40416 — CVSS 9.8 (critical): A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer…
CVE-2024-44563 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
CVE-2022-32032 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
CVE-2024-44549 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.
CVE-2024-44550 — CVSS 9.8 (critical): Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.
CVE-2023-47456 — CVSS 9.1 (critical): Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.
CVE-2023-47455 — CVSS 9.1 (critical): Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from…
CVE-2024-4238 — CVSS 8.8 (high): A vulnerability has been found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this vulnerability is the function…
CVE-2022-28572 — CVSS 8.8 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function
CVE-2024-4239 — CVSS 8.8 (high): A vulnerability was found in Tenda AX1806 1.0.0.1 and classified as critical. Affected by this issue is the function formSetRebootTimer of…
CVE-2024-4237 — CVSS 8.8 (high): A vulnerability, which was classified as critical, was found in Tenda AX1806 1.0.0.1. Affected is the function R7WebsSecurityHandler of the…
CVE-2024-35578 — CVSS 8.0 (high): Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formSetIptv.
CVE-2024-35579 — CVSS 7.7 (high): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formSetIptv.
CVE-2025-71021 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function. This vulnerability…
CVE-2022-25547 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to…
CVE-2022-25548 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to…
CVE-2022-25549 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to…
CVE-2022-25550 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers…
CVE-2022-25551 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to…
CVE-2022-25552 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows…
CVE-2022-25553 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to…
CVE-2022-25554 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers…
CVE-2022-25555 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to…
CVE-2022-25557 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers…
CVE-2022-25558 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetProvince. This vulnerability allows attackers to…
CVE-2022-25566 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers…
CVE-2022-28969 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This…
CVE-2022-28970 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This…
CVE-2022-28971 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This…
CVE-2022-28972 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set…
CVE-2022-28973 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This…
CVE-2022-32030 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
CVE-2022-32031 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
CVE-2022-32033 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
CVE-2024-41492 — CVSS 7.5 (high): A stack overflow in Tenda AX1806 v1.0.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-71020 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_4C408 function. This vulnerability…
CVE-2022-25546 — CVSS 7.5 (high): Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to…
CVE-2025-70644 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the time parameter of the sub_60CFC function. This vulnerability…
CVE-2025-70645 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetWifiMacFilterCfg function. This…
CVE-2025-70650 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetMacFilterCfg function. This…
CVE-2025-70656 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub_65B5C function. This vulnerability allows…
CVE-2025-70744 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the cloneType parameter of the sub_65B5C function. This vulnerability…
CVE-2025-70746 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This…
CVE-2025-70747 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serviceName parameter of the sub_65A28 function. This…
CVE-2025-70753 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_4CA50 function. This…
CVE-2025-71019 — CVSS 7.5 (high): Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function. This vulnerability…
CVE-2024-40417 — CVSS 6.5 (medium): A vulnerability was found in Tenda AX1806 1.0.0.1. Affected by this issue is the function formSetRebootTimer of the file…
CVE-2024-35576 — CVSS 5.2 (medium): Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.