Stack Overflow Vulnerability in Tenda AX3 Router
CVE-2025-63147

6.5MEDIUM

Key Information:

Vendor: Tenda
Status: AX3 Router
Vendor: CVE Published:; 10 November 2025

What is CVE-2025-63147?

The Tenda AX3 router has been found to be vulnerable to a stack overflow issue in the deviceId parameter of the saveParentControlInfo function. This vulnerability can be exploited by attackers sending specially crafted requests, potentially resulting in a Denial of Service (DoS) for users. As such, it poses a significant risk to network stability and security, prompting the need for immediate remediation.

References

https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-3...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 10, 2025
Vulnerability Reserved
Oct 27, 2025

JSON