CVE-2025-69763

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

21/01/2026

Last modified:

21/01/2026

Description

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution.

Impact

References to Advisories, Solutions, and Tools

https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formSetIptv-2c9a595a7aef8025a3c6c4b102d95dd4
https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formSetIptv-2c9a595a7aef8025a3c6c4b102d95dd4?source=copy_link