CVE-2025-44899

Name of the Vulnerable Software and Affected Versions Tenda RX3 version V1.0br V16.03.13.11

Description The issue is related to a stack overflow vulnerability. It occurs in the fromSetWifiGusetBasic function of the web URL "/goform/WifiGuestSet", where the manipulation of the shareSpeed parameter leads to a stack overflow.

Recommendations For Tenda RX3 version V1.0br V16.03.13.11, as a temporary workaround, consider restricting access to the "/goform/WifiGuestSet" endpoint until a patch is available. Avoid manipulating the shareSpeed parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.