PT-2026-3841 · Tenda · Tenda Ax3
Publicado
2026-01-21
·
Atualizado
2026-01-21
·
CVE-2025-69766
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Tenda AX3 firmware version 16.03.12.11
Description
The Tenda AX3 firmware contains a stack-based buffer overflow in the
formGetIptv function. This is due to improper handling of the citytag stack buffer, potentially leading to memory corruption and remote code execution.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Stack Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Tenda Ax3