Tenda Rx3 Firmware

Tenda RX3 16.03.13.11 Stack Buffer Overflow in set_qosMib_list
CVE-2026-2187 8.8 - High - February 08, 2026

A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

Stack Overflow

Tenda RX3 16.03.13.11 -- Stack Overflow in SetIpMacBind
CVE-2026-2186 8.8 - High - February 08, 2026

A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

Stack Overflow

Tenda RX3 16.03.13.11 Remote Stack Buffer Overflow in set_device_name
CVE-2026-2185 8.8 - High - February 08, 2026

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used.

Stack Overflow

StackBufOverflow in Tenda RX3 16.03.13.11 openSchedWifi
CVE-2026-2181 8.8 - High - February 08, 2026

A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

Stack Overflow

Tenda RX3 16.03.13.11 stack buffer overflow via ssid_5g
CVE-2026-2180 8.8 - High - February 08, 2026

A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation of the argument ssid_5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.

Stack Overflow

Tenda RX3 16.03.13.11 Multi_TDE01 Buffer Overflow in save_staticroute_data
CVE-2025-5527 8.8 - High - June 03, 2025

A vulnerability was found in Tenda RX3 16.03.13.11_multi_TDE01. It has been rated as critical. This issue affects the function save_staticroute_data of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Memory Corruption

Stack overflow in Tenda RX3 V1.0br via WifiGuestSet shareSpeed
CVE-2025-44899 - May 06, 2025

There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasic function of the web url /goform/ WifiGuestSet, the manipulation of the parameter shareSpeed leads to stack overflow.

Stack Overflow via MAC in Tenda RX3 V1.0 GetParentControlInfo
CVE-2025-44900 - May 06, 2025

In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads to stack overflow.

Stack Buffer Overflow in Tenda RX3 16.03.13.11 – formSetDeviceName
CVE-2025-3259 8.8 - High - April 04, 2025

A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Memory Corruption

Buffer Overflow in Tenda RX3 US_RX3V1.0br_V16 via /goform/SetSysTimeCfg
CVE-2025-29360 - March 13, 2025

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Tenda RX3 v16.03.13.11 Buffer Overflow in /goform/saveParentControlInfo (DoS)
CVE-2025-29359 - March 13, 2025

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the deviceId parameter at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Tenda RX3 Buffer Overflow via firewallEn (V16.03.13.11) DoS
CVE-2025-29358 - March 13, 2025

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the firewallEn parameter at /goform/SetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Buffer Overflow in Tenda RX3 PPTP /goform/SetPptpServerCfg (pre 16.03.13.11)
CVE-2025-29357 - March 13, 2025

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the startIp and endIp parameters at /goform/SetPptpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.