CVE-2025-71025

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-71024

The CVE-2025-71024 entry concerns Tenda AX-3 (v16.03.12.10_CN) with a stack overflow in the fromAdvSetMacMtuWan function’s serviceName2 parameter. The issue can be triggered by a crafted request, leading to a Denial of Service. Connected sources (e.g., CNVD-2026-06091, RH/CVE-2025-71024, CNNVD-20...

CVE-2022-27288

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP. This vulnerability allows attackers to cause a Denial of Service DoS via the curTime parameter...

CVE-2022-27294

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup. This vulnerability allows attackers to cause a Denial of Service DoS via the webpage parameter...

CVE-2022-27290

D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus. This vulnerability allows attackers to cause a Denial of Service DoS via the curTime parameter...

PT-2026-3015

Name of the Vulnerable Software and Affected Versions Tenda AX-1806 version 1.0.0.1 Description The Tenda AX-1806 device contains a stack overflow issue in the cloneType parameter of the sub 65B5C function. A crafted request can trigger a Denial of Service DoS condition. The cloneType parameter i...

PT-2026-3016

Name of the Vulnerable Software and Affected Versions Tenda AX-1806 version 1.0.0.1 Description The Tenda AX-1806 device contains a stack overflow issue in the wanSpeed parameter of the sub 65B5C function. Attackers can exploit this to cause a Denial of Service DoS by sending a crafted request...

PT-2026-3257

Name of the Vulnerable Software and Affected Versions Tenda AX-1806 version 1.0.0.1 Description The Tenda AX-1806 router contains a stack overflow in the security parameter of the sub 4C408 function. This allows attackers to cause a Denial of Service DoS via a crafted request. Recommendations...

PT-2026-2580

Name of the Vulnerable Software and Affected Versions Tenda AX-3 version 16.03.12.10 CN Description The Tenda AX-3 device contains a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This issue allows attackers to cause a Denial of Service DoS by sending a crafted request...

CVE-2025-34458

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprsmice located in src/decodeaprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or...

CVE-2025-34458

Summary: CVE-2025-34458 affects wb2osz/direwolf (Dire Wolf) up to version 1.8, prior to commit 3658a87. Affected component is the APRS MIC-E decoder function aprs_mic_e() in src/decode_aprs.c. Root cause: reachable assertion that checks for a non-empty comment in an AX.25 frame containing a MIC-E...

Dell ControlVault, Lasso, GL.iNet vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Dell ControlVault 3 firmware and its associated Windows software, four vulnerabilities in Entr'ouvert Lasso, and one vulnerability in GL.iNet Slate AX. The vulnerabilities mentioned in this blog post...

CVE-2025-44018

A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can lead to a firmware downgrade. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

CVE-2025-63456

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63455

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63457

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub4F55C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

EUVD-2025-48945

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

EUVD-2025-48939

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow via the shareSpeed parameter in the fromSetWifiGusetBasic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

EUVD-2025-48948

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub4F55C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63457

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub4F55C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...