CVE-2025-69765
Published: 03 March 2026
Summary
CVE-2025-69765 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Tenda Ax3 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 32.2nd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-69765 is a stack overflow vulnerability affecting Tenda AX3 firmware version v16.03.12.11, specifically in the formGetIptv function due to improper handling of the list parameter. This issue, classified as CWE-121, can lead to memory corruption and remote code execution. The vulnerability received a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and was published on 2026-03-03T18:16:24.193.
Unauthenticated remote attackers can exploit this vulnerability over the network with low attack complexity and no user interaction required. Exploitation triggers stack-based memory corruption in the affected function, enabling potential remote code execution and high-impact disruption to availability, as indicated by the CVSS metrics.
Mitigation details and further technical analysis are available in the referenced advisory at https://river-brow-763.notion.site/Tenda-AX3-Buffer-Overflow-in-formGetIptv-2c9a595a7aef809db06fc8677ad4b2ba.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208247
Vulnerability details
Tenda AX3 firmware v16.03.12.11 contains a stack overflow in the formGetIptv function via the list parameter, which can cause memory corruption and enable remote code execution.
- CWE(s): CWE-121 (Stack-based Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A stack-based buffer overflow in the exposed formGetIptv handler of the router firmware's web interface directly enables unauthenticated remote code execution against a public-facing network service.
Mitigating Controls (NIST 800-53 r5)
- Directly requires validation of the list parameter input to formGetIptv to prevent stack overflow and memory corruption.
- Implements memory safeguards like stack canaries or DEP to protect against exploitation of the stack overflow for remote code execution.
- Mandates timely patching of the specific firmware flaw in Tenda AX3 v16.03.12.11 to remediate the stack overflow vulnerability.