CVE-2025-15253

A vulnerability has been found in Tenda M3 1.0.0.134903. The impacted element is an unknown function of the file /goform/exeCommand. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public a...

CVE-2025-15252

A flaw has been found in Tenda M3 1.0.0.134903. The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow. The attack can be initiated remotely. The...

CVE-2025-15252

Affected product: Tenda M3, version 1.0.0.13(4903). Vulnerable component: function formSetRemoteDhcpForAp in /goform/setDhcpAP. Root cause: manipulation of arguments startip, endip, leasetime, gateway, dns1, dns2 leads to a stack-based buffer overflow. Impact: remote attacker can trigger the over...

EUVD-2025-205699

A security flaw has been discovered in Tenda M3 1.0.0.134903. This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemU...

CVE-2025-15232 Tenda M3 setAdPushInfo formSetAdPushInfo stack-based overflow

A vulnerability was identified in Tenda M3 1.0.0.134903. This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit ...

Tenda M3 安全漏洞

Tenda M3 is an access control controller from Tenda China. A security vulnerability exists in Tenda M3 version 1.0.0.134903, which stems from an incorrect operation of the parameter qvlantruckport in the file /goform/setVlanPolicyData, which could result in a heap-based buffer overflow...

Tenda M3 安全漏洞

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the wrong operation of the parameter cmdinput in the file...

Tenda M3 安全漏洞

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 heap buffer overflow vulnerability exists, the vulnerability stems from the parameter...

Tenda M3 安全漏洞

Tenda M3 is a wireless controller AC from Tenda, which is aimed at scenarios such as hotel chains, low-star hotels and small and medium-sized businesses. Tenda M3 has a stack buffer overflow vulnerability, the vulnerability stems from the incorrect operation of the parameter mac/terminal in the...

PT-2025-53849

Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.134903 Description A heap-based buffer overflow exists in the formSetVlanPolicy function of the /goform/setVlanPolicyData file. Manipulation of the qvlan truck port argument can trigger this issue, potentially allowing f...

PT-2025-53719

Name of the Vulnerable Software and Affected Versions Tenda M3 version 1.0.0.134903 Description A stack-based buffer overflow exists in Tenda M3. The issue is due to manipulation of the cmdinput argument within an unknown function of the /goform/exeCommand file. This allows for remote attacks. Th...