Details of VAR-202601-3252

ID

VAR-202601-3252

CVE

CVE-2025-70651

TITLE

Shenzhen Tenda Technology Co.,Ltd. of ax1803 Stack-based buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2026-001987

DESCRIPTION

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. DoS ) attacks.Information handled by the software will not be leaked to the outside. Information handled by the software will not be rewritten. In addition, the software may stop functioning completely. Furthermore, attacks that exploit this vulnerability will not affect other software

Trust: 1.62

sources: NVD: CVE-2025-70651 // JVNDB: JVNDB-2026-001987

AFFECTED PRODUCTS

vendor:	tenda	model:	ax1803	scope:	eq	version:	1.0.0.1	Trust: 1.0
vendor:	tenda	model:	ax1803	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ax1803	scope:	eq	version:	ax1803 firmware 1.0.0.1	Trust: 0.8
vendor:	tenda	model:	ax1803	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2026-001987 // NVD: CVE-2025-70651

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-70651
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2026-001987
value:	HIGH
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-70651
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2026-001987
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2026-001987 // NVD: CVE-2025-70651

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2026-001987 // NVD: CVE-2025-70651

PATCH

title:

VulnbyCola/Tenda/AX-1803/4/1.md at main 0-fool/VulnbyCola GitHub

url:

https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-1803/4/1.md

Trust: 0.8

sources: JVNDB: JVNDB-2026-001987

EXTERNAL IDS

db:	NVD	id:	CVE-2025-70651	Trust: 2.6
db:	JVNDB	id:	JVNDB-2026-001987	Trust: 0.8

sources: JVNDB: JVNDB-2026-001987 // NVD: CVE-2025-70651

REFERENCES

url:	https://github.com/0-fool/vulnbycola/blob/main/tenda/ax-1803/4/1.md	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-70651	Trust: 0.8

sources: JVNDB: JVNDB-2026-001987 // NVD: CVE-2025-70651

SOURCES

db:	JVNDB	id:	JVNDB-2026-001987
db:	NVD	id:	CVE-2025-70651

LAST UPDATE DATE

2026-01-29T23:47:07.743000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2026-001987	date:	2026-01-28T03:34:00
db:	NVD	id:	CVE-2025-70651	date:	2026-01-26T21:01:47.723

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2026-001987	date:	2026-01-28T00:00:00
db:	NVD	id:	CVE-2025-70651	date:	2026-01-21T16:16:07.657