VYPR

Ax9 Firmware

by Tenda

CVEs (9)

  • CVE-2025-14636LowDec 13, 2025
    risk 0.24cvss 3.7epss 0.00

    A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is…

  • CVE-2025-69765Mar 3, 2026
    risk 0.00cvss epss 0.01

    Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution.

  • CVE-2025-69764Jan 22, 2026
    risk 0.00cvss epss 0.01

    Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution.

  • CVE-2025-69766Jan 21, 2026
    risk 0.00cvss epss 0.01

    Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.

  • CVE-2025-69762Jan 21, 2026
    risk 0.00cvss epss 0.01

    Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution.

  • CVE-2025-69763Jan 21, 2026
    risk 0.00cvss epss 0.01

    Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the vlanId parameter, which can cause memory corruption and enable remote code execution.

  • CVE-2024-40415Jul 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

  • CVE-2024-40414Jul 15, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.

  • CVE-2024-40416Jul 15, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda AX1806 1.0.0.1 firmware leads to stack-based buffer overflow.