Details of VAR-202601-3105

ID

VAR-202601-3105

CVE

CVE-2025-69766

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AX3 Stack-based buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-001993

DESCRIPTION

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution. All information handled by the software may be rewritten. Furthermore, the software may stop working completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-69766 // JVNDB: JVNDB-2026-001993

AFFECTED PRODUCTS

vendor:	tenda	model:	ax3	scope:	eq	version:	16.03.12.11	Trust: 1.0
vendor:	tenda	model:	ax3	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ax3	scope:	eq	version:	ax3 firmware 16.03.12.11	Trust: 0.8
vendor:	tenda	model:	ax3	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2026-001993 // NVD: CVE-2025-69766

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-69766
value:	CRITICAL
Trust: 1.0
OTHER:	JVNDB-2026-001993
value:	CRITICAL
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-69766
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2026-001993
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-001993 // NVD: CVE-2025-69766

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-001993 // NVD: CVE-2025-69766

PATCH

title:

Tenda AX3 Buffer Overflow in formGetIptv (Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a595a7aef8043a091e6722b8e255a) Notion

url:

https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a595a7aef8043a091e6722b8e255a

Trust: 0.8

sources: JVNDB: JVNDB-2026-001993

EXTERNAL IDS

db:	NVD	id:	CVE-2025-69766	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-001993	Trust: 0.8

sources: JVNDB: JVNDB-2026-001993 // NVD: CVE-2025-69766

REFERENCES

url:	https://river-brow-763.notion.site/tenda-ax3-buffer-overflow-in-formgetiptv-2c9a595a7aef8043a091e6722b8e255a	Trust: 1.0
url:	https://river-brow-763.notion.site/tenda-ax3-buffer-overflow-in-formgetiptv-2c9a595a7aef8043a091e6722b8e255a?source=copy_link	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-69766	Trust: 0.8

sources: JVNDB: JVNDB-2026-001993 // NVD: CVE-2025-69766

SOURCES

db:	JVNDB	id:	JVNDB-2026-001993
db:	NVD	id:	CVE-2025-69766

LAST UPDATE DATE

2026-01-29T23:47:07.770000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-001993	date:	2026-01-28T03:34:00
db:	NVD	id:	CVE-2025-69766	date:	2026-01-26T20:38:30.877

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-001993	date:	2026-01-28T00:00:00
db:	NVD	id:	CVE-2025-69766	date:	2026-01-21T18:16:24.253