23 matches found
CVE-2025-71024
Tenda AX-3 v16.03.12.10CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
EUVD-2025-48947
Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2025-55603
Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the fromSetSysTime function via the ntpServer parameter...
Tenda Ax3 安全漏洞
Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a buffer overflow vulnerability, which stems from the serverName parameter in the...
CVE-2025-55605
Tenda AX3 V16.03.12.10CN is vulnerable to Buffer Overflow in the saveParentControlInfo function via the deviceName parameter...
CVE-2022-24161
Tenda AX3 v16.03.12.10CN was discovered to contain a heap overflow in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service DoS via the mac parameter...
CVE-2022-24144
Tenda AX3 v16.03.12.10CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service DoS via the timeZone parameter...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formSetDeviceName. This vulnerability allows attackers to cause a Denial of Service DoS via the devName parameter...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formSetPPTPServer. This vulnerability allows attackers to cause a Denial of Service DoS via the startIp and endIp parameters...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formWifiBasicSet. This vulnerability allows attackers to cause a Denial of Service DoS via the security and security5g parameters...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formSetQosBand. This vulnerability allows attackers to cause a Denial of Service DoS via the list parameter...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromSetWirelessRepeat. This vulnerability allows attackers to cause a Denial of Service DoS via the wpapskcrypto parameter...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function formAddMacfilterRule. This vulnerability allows attackers to cause a Denial of Service DoS via the devName parameter...
Stack overflow
Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service DoS via the time parameter...
CVE-2022-24142
CVE-2022-24142 affects Tenda AX3 (v16.03.12.10_CN). A stack overflow in the function formSetFirewallCfg is described, enabling an attacker to cause a Denial of Service via the firewallEn parameter. The vulnerability is categorized with network access, low attack complexity, and no privileges requ...
CVE-2022-24144
Tenda AX3 v16.03.12.10CN was discovered to contain a command injection vulnerability in the function WanParameterSetting. This vulnerability allows attackers to execute arbitrary commands via the gateway, dns1, and dns2 parameters...
CVE-2022-24145
CVE-2022-24145 affects Tenda AX3 devices (example: v16.03.12.10_CN). The vulnerability is a stack/ buffer overflow in the function formWifiBasicSet, which can be triggered to cause a Denial of Service. The description indicates exploitation via the security and security_5g parameters and reports ...
CVE-2022-24150
The CVE-2022-24150 issue affects Tenda AX3 router firmware v16.03.12.10_CN. A command injection exists in the function formSetSafeWanWebMan that allows an attacker to execute arbitrary commands via the remoteIp parameter, with network access and no authentication required per CVSS data (base scor...
CVE-2022-24152
CVE-2022-24152 affects Tenda AX3, specifically v16.03.12.10_CN, with a stack overflow in the fromSetRouteStatic function that can be exploited to cause a Denial of Service via a crafted list parameter. The available connected documents confirm the vulnerability in this router/version and describe...