Tenda G3 Firmware vulnerabilities

CVE-2025-57057 [HIGH] CWE-121 CVE-2025-57057: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in t Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57071 [HIGH] CWE-121 CVE-2025-57071: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the vpnUsers parameter in the formAddVpnUsers function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57061 [HIGH] CWE-121 CVE-2025-57061: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindM Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57078 [HIGH] CWE-121 CVE-2025-57078: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacInd Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pppoeServerWhiteMacIndex parameter in the formModifyPppAuthWhiteMac function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57058 [HIGH] CWE-121 CVE-2025-57058: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCf Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57059 [HIGH] CWE-121 CVE-2025-57059: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57063 [HIGH] CWE-121 CVE-2025-57063: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex param Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57070 [HIGH] CWE-121 CVE-2025-57070: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57064 [HIGH] CWE-121 CVE-2025-57064: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex paramete Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57060 [HIGH] CWE-121 CVE-2025-57060: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the rules parameter in the dns_forward_rule_store function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57069 [HIGH] CWE-121 CVE-2025-57069: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the pPppUser parameter in the getsinglepppuser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57072 [HIGH] CWE-121 CVE-2025-57072: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway par Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the staticRouteGateway parameter in the formSetStaticRoute function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-57062 [HIGH] CWE-121 CVE-2025-57062: Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the delDhcpIndex parameter in the formDelDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2024-48192 [HIGH] CWE-798 CVE-2024-48192: Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in /et Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root

CVE-2024-8225 [HIGH] CWE-121 CVE-2024-8225: A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NO

CVE-2024-4164 [HIGH] CWE-121 CVE-2024-4164: A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.17(9502). This A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.17(9502). This issue affects the function formModifyPppAuthWhiteMac of the file /goform/ModifyPppAuthWhiteMac. The manipulation of the argument pppoeServerWhiteMacIndex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been dis

CVE-2024-4165 [HIGH] CWE-121 CVE-2024-4165: A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.17(9502). Affected A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.17(9502). Affected is the function modifyDhcpRule of the file /goform/modifyDhcpRule. The manipulation of the argument bindDhcpIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be us

CVE-2022-36586 [CRITICAL] CWE-120 CVE-2022-36586: In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.

CVE-2022-36585 [CRITICAL] CWE-120 CVE-2022-36585: In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buf In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.

CVE-2022-36587 [CRITICAL] CWE-120 CVE-2022-36587: In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.