Lucene search
K

14 matches found

CNVD
CNVD
added 2026/01/19 12:0 a.m.2 views

Tenda AX-3 fromAdvSetMacMtuWan Function Stack Buffer Overflow Vulnerability

Tenda AX-3 is a home smart wireless router from Tenda that supports Wi-Fi6 802.11ax standard for home networking environment. The Tenda AX-3 suffers from a stack buffer overflow vulnerability, which stems from the wanMTU2 parameter in the fromAdvSetMacMtuWan function failing to correctly validate...

7.5CVSS6.1AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/14 12:18 a.m.5 views

CVE-2025-71026

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS7.6AI score0.00384EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/14 12:18 a.m.11 views

CVE-2025-71025

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS7.6AI score0.00384EPSS
Exploits1References1
OSV
OSV
added 2026/01/13 4:16 p.m.4 views

CVE-2025-71026

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS5.9AI score0.00384EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.6 views

PT-2026-2583

Tenda AX-3 v16.03.12.10 CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.6AI score0.00384EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/13 12:0 a.m.2 views

CVE-2025-71026

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.2AI score0.00384EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/01/13 12:0 a.m.3 views

CVE-2025-71024

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.2AI score0.00384EPSS
Exploits1References1
CVE
CVE
added 2026/01/13 12:0 a.m.10 views

CVE-2025-71025

CVE-2025-71025 affects Tenda AX-3: a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. The root cause is input length validation in that function, enabling a crafted request to trigger a Denial of Service. Multiple connected sources (CNVD, RH, NVD, CNNVD, CIRCL) corr...

7.5CVSS7.2AI score0.00384EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/11/10 12:0 a.m.11 views

CVE-2025-63455

The CVE-2025-63455 entry concerns Tenda AX-3 devices (v16.03.12.10_CN) with a stack overflow in the fromSetWifiGusetBasic function via the shareSpeed parameter, enabling a crafted request to cause a Denial of Service. Multiple connected sources (CNVD, RH, CIRCL, EUVD, NVD, CNNVD, CVELIST, etc.) c...

7.5CVSS7.2AI score0.00375EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/10/31 7:15 p.m.4 views

CVE-2025-63454

Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow via the deviceId parameter in the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS0.00362EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/08/22 12:0 a.m.5 views

PT-2025-34440 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.10 CN Description: The Tenda AX3 device is susceptible to a buffer overflow issue in the saveParentControlInfo function. The vulnerability is triggered through the deviceName parameter. Recommendations: Update to a...

9.8CVSS7.8AI score0.00384EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/01/04 12:0 a.m.4 views

PT-2024-14303 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A remote code execution issue was discovered via the list parameter at the "/goform/SetNetControlList" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, as a temporary workaround,...

9.8CVSS7.6AI score0.01053EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/02/23 12:0 a.m.3 views

PT-2023-19481 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A stack overflow issue was discovered via the timeType function at the "/goform/SetSysTimeCfg" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, consider disabling access to the...

9.8CVSS9.5AI score0.01056EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/02/04 2:15 a.m.5 views

CVE-2022-24152

Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromSetRouteStatic. This vulnerability allows attackers to cause a Denial of Service DoS via the list parameter...

7.8CVSS7.2AI score0.01175EPSS
Exploits1References2
Rows per page
Query Builder