14 matches found
Tenda AX-3 fromAdvSetMacMtuWan Function Stack Buffer Overflow Vulnerability
Tenda AX-3 is a home smart wireless router from Tenda that supports Wi-Fi6 802.11ax standard for home networking environment. The Tenda AX-3 suffers from a stack buffer overflow vulnerability, which stems from the wanMTU2 parameter in the fromAdvSetMacMtuWan function failing to correctly validate...
CVE-2025-71026
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-71025
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-71026
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
PT-2026-2583
Tenda AX-3 v16.03.12.10 CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-71026
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-71024
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-71025
CVE-2025-71025 affects Tenda AX-3: a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. The root cause is input length validation in that function, enabling a crafted request to trigger a Denial of Service. Multiple connected sources (CNVD, RH, NVD, CNNVD, CIRCL) corr...
CVE-2025-63455
The CVE-2025-63455 entry concerns Tenda AX-3 devices (v16.03.12.10_CN) with a stack overflow in the fromSetWifiGusetBasic function via the shareSpeed parameter, enabling a crafted request to cause a Denial of Service. Multiple connected sources (CNVD, RH, CIRCL, EUVD, NVD, CNNVD, CVELIST, etc.) c...
CVE-2025-63454
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow via the deviceId parameter in the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
PT-2025-34440 · Tenda · Tenda Ax3
Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.10 CN Description: The Tenda AX3 device is susceptible to a buffer overflow issue in the saveParentControlInfo function. The vulnerability is triggered through the deviceName parameter. Recommendations: Update to a...
PT-2024-14303 · Tenda · Tenda Ax3
Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A remote code execution issue was discovered via the list parameter at the "/goform/SetNetControlList" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, as a temporary workaround,...
PT-2023-19481 · Tenda · Tenda Ax3
Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: A stack overflow issue was discovered via the timeType function at the "/goform/SetSysTimeCfg" API endpoint. Recommendations: For Tenda AX3 version 16.03.12.11, consider disabling access to the...
CVE-2022-24152
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromSetRouteStatic. This vulnerability allows attackers to cause a Denial of Service DoS via the list parameter...