CVE-2025-71026

HighPublic PoC

Published: 13 January 2026

Published

13 January 2026

Modified

16 January 2026

KEV Added

—

Patch

—

CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score 0.0008 22.4th percentile

Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-71026 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Tenda Ax3 Firmware. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 22.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.

Threat & Defense Details

Likely Mitigating ControlsAI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

SI-16 Memory Protection

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1499.004 Application or System Exploitation Impact

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

attack.mitre.org →

Why these techniques?

Remote unauthenticated exploitation of public-facing router web function (T1190) via crafted input triggers stack overflow for DoS (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Deeper analysisAI

CVE-2025-71026, published on 2026-01-13, is a stack overflow vulnerability affecting the Tenda AX-3 router on firmware version v16.03.12.10_CN. The flaw occurs in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function, stemming from CWE-787 (Out-of-bounds Write) and CWE-121 (Stack-based Buffer Overflow). It has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its high severity for availability impacts.

Unauthenticated attackers with network access can exploit this vulnerability by sending a crafted request to the affected function, triggering a stack overflow that causes a Denial of Service (DoS). No user interaction or privileges are required, enabling remote exploitation with low complexity to crash the device and disrupt network services.

Details on the vulnerability, including likely proof-of-concept information, are documented in a GitHub repository at https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-3/9/1.md. No official vendor advisories or patches are referenced in available data.

Details

CWE(s): CWE-787 CWE-121

Affected Products

tenda

ax3 firmware

16.03.12.10_cn

CVEs Like This One

CVE-2025-71024Same product: Tenda Ax3

CVE-2025-71027Same product: Tenda Ax3

CVE-2025-71023Same product: Tenda Ax3

CVE-2025-71025Same product: Tenda Ax3

CVE-2025-69763Same product: Tenda Ax3

CVE-2025-69762Same product: Tenda Ax3

CVE-2025-69765Same product: Tenda Ax3

CVE-2025-69764Same product: Tenda Ax3

CVE-2025-69766Same product: Tenda Ax3

CVE-2025-55605Same product: Tenda Ax3

References

https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-3/9/1.md
Exploit, Third Party Advisory · cve@mitre.org
https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-3/9/1.md
Exploit, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0