Description

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.

INFO

Published Date :

2026-01-21T00:00:00.000Z

Last Modified :

2026-01-22T14:59:23.499Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-69766 vulnerability.

Vendors Products
Tenda
  • Ax3
  • Ax3 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-69766.

URL Resource
https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a595a7aef8043a091e6722b8e255a cve-icon cve-icon
https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a595a7aef8043a091e6722b8e255a?source=copy_link cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact