CVE-2025-63454
BaseFortify
Publication date: 2025-10-31
Last updated on: 2025-11-05
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ax3 | * |
| tenda | ax3_firmware | 16.03.12.10_cn |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack overflow in the Tenda AX-3 router firmware version v16.03.12.10_CN. It occurs via the deviceId parameter in the get_parentControl_list_Info function. An attacker can send a specially crafted request that triggers this overflow, potentially causing the device to crash or become unresponsive. [1]
How can this vulnerability impact me? :
The vulnerability can cause a Denial of Service (DoS) on the affected device. This means an attacker can make the router stop functioning properly, disrupting network connectivity and access to internet services for users relying on this device. [1]