This page lists publicly disclosed CVE vulnerabilities affecting tenda tx3_firmware (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-2137 | A vulnerability has been found in Tenda TX3 up to 16.03.13.11_multi. This impacts an unknown function of the file /goform/SetIpMacBind. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.4 | 0.73% | 2026-02-08 | 2026-06-17 |
| CVE-2025-8958 | A vulnerability was identified in Tenda TX3 16.03.13.11_multi_TDE01. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.4 | 0.69% | 2025-08-14 | 2026-06-17 |
| CVE-2025-1899 | A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.1 | 0.66% | 2025-03-03 | 2026-06-17 |
| CVE-2025-1898 | A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.1 | 0.77% | 2025-03-03 | 2026-06-17 |
| CVE-2025-1897 | A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.1 | 1.10% | 2025-03-03 | 2026-06-17 |
| CVE-2025-1896 | A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.1 | 0.77% | 2025-03-03 | 2026-06-17 |
| CVE-2025-1895 | A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | [email protected] | 7.1 | 0.80% | 2025-03-03 | 2026-06-17 |
| CVE-2022-43029 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg. | [email protected] | 9.8 | 0.76% | 2022-10-19 | 2026-06-17 |
| CVE-2022-43028 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg. | [email protected] | 9.8 | 0.76% | 2022-10-19 | 2026-06-17 |
| CVE-2022-43027 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg. | [email protected] | 9.8 | 0.76% | 2022-10-19 | 2026-06-17 |
| CVE-2022-43026 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the endIp parameter at /goform/SetPptpServerCfg. | [email protected] | 9.8 | 0.76% | 2022-10-19 | 2026-06-17 |
| CVE-2022-43025 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg. | [email protected] | 9.8 | 0.76% | 2022-10-19 | 2026-06-17 |
| CVE-2022-43024 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | [email protected] | 9.8 | 0.76% | 2022-10-19 | 2026-06-17 |
| CVE-2022-40942 | Tenda TX3 US_TX3V1.0br_V16.03.13.11 is vulnerable to stack overflow via compare_parentcontrol_time. | [email protected] | 9.8 | 8.15% | 2022-09-28 | 2026-06-17 |