Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Tenda AX3 Router: Remote Code Execution via TV Service
CVE-2025-69765
Summary
The Tenda AX3 router's firmware version 16.03.12.11 has a security weakness that allows an attacker to take control of the router remotely. This could let the attacker access the router's settings, view sensitive information, or even use the router to attack other devices on the network. Update the router's firmware to the latest version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| tenda | ax3_firmware | 16.03.12.11 | – |
Original title
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution.
Original description
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution.
nvd CVSS3.1
7.5
Vulnerability type
CWE-121
Stack-based Buffer Overflow
- https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a... Exploit Third Party Advisory
- https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a... Exploit Third Party Advisory
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026