Home

Description

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.

PUBLISHED Reserved 2026-01-09 | Published 2026-01-21 | Updated 2026-01-22 | Assigner mitre

References

river-brow-763.notion.site/...1e6722b8e255a?source=copy_link

river-brow-763.notion.site/...9a595a7aef8043a091e6722b8e255a

cve.org (CVE-2025-69766)

nvd.nist.gov (CVE-2025-69766)

Download JSON