Chuanhao Wan

18 exploits Active since Oct 2025
CVE-2025-63147 WRITEUP HIGH WRITEUP
Tenda AX3 V16.03.12.10_CN - Buffer Overflow
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the deviceId parameter of the saveParentControlInfo function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63149 WRITEUP HIGH WRITEUP
Tenda AX3 V16.03.12.10_CN - Buffer Overflow
Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow in the urls parameter of the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63153 WRITEUP HIGH WRITEUP
TOTOLink A7000R V9.1.0u.6115_B20201022 - Buffer Overflow
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the ssid parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63154 WRITEUP HIGH WRITEUP
TOTOLink A7000R V9.1.0u.6115_B20201022 - Buffer Overflow
TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
CVSS 7.5
CVE-2025-63456 WRITEUP HIGH WRITEUP
Tenda AX-1803 v1.0.0.1 - DoS
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the SetSysTimeCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63457 WRITEUP HIGH WRITEUP
Tenda AX-1803 v1.0.0.1 - DoS
Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub_4F55C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63466 WRITEUP HIGH WRITEUP
Totolink LR350 v9.3.5u.6369_B20220309 - Buffer Overflow
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63467 WRITEUP HIGH WRITEUP
Totolink LR350 v9.3.5u.6369_B20220309 - Buffer Overflow
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_425400 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63468 WRITEUP HIGH WRITEUP
Totolink LR350 v9.3.5u.6369_B20220309 - Buffer Overflow
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-63469 WRITEUP HIGH WRITEUP
Totolink LR350 v9.3.5u.6369_B20220309 - Buffer Overflow
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_421BAC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-70644 WRITEUP HIGH WRITEUP
Tenda Ax1806 Firmware - Stack Buffer Overflow
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the time parameter of the sub_60CFC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-70646 WRITEUP HIGH WRITEUP
Tenda Ax1803 Firmware - Stack Buffer Overflow
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_72290 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-70656 WRITEUP HIGH WRITEUP
Tenda Ax1806 Firmware - Stack Buffer Overflow
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the mac parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-71019 WRITEUP HIGH WRITEUP
Tenda Ax1806 Firmware - Stack Buffer Overflow
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-71020 WRITEUP HIGH WRITEUP
Tenda Ax1806 Firmware - Stack Buffer Overflow
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub_4C408 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-71021 WRITEUP HIGH WRITEUP
Tenda Ax1806 Firmware - Stack Buffer Overflow
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the serverName parameter of the sub_65A28 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-71023 WRITEUP HIGH WRITEUP
Tenda Ax3 Firmware - Stack Buffer Overflow
Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5
CVE-2025-71026 WRITEUP HIGH WRITEUP
Tenda Ax3 Firmware - Out-of-Bounds Write
Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 7.5