Skip to main content

Tenda AX9 CVE-2025-14636

LOW
Use of a Broken or Risky Cryptographic Algorithm (CWE-327)
2025-12-13 cna@vuldb.com
2.9
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.9 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Apr 29, 2026 - 02:46 vuln.today

DescriptionCVE.org

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks.

AnalysisAI

Weak cryptographic hashing in the image_check function of Tenda AX9 firmware 22.03.01.46 allows remote attackers to compromise firmware integrity validation without authentication. The vulnerability has a CVSS score of 2.9 (very low severity) and publicly available exploit code exists, but the high attack complexity and difficult exploitability rating indicate practical barriers to successful exploitation. Real-world risk is minimal: while the vulnerability permits information disclosure related to hash values, it does not enable remote code execution or device takeover.

Technical ContextAI

The vulnerability resides in the httpd component of Tenda AX9 firmware, specifically in the image_check function which is responsible for validating firmware image integrity before installation. The root cause is CWE-327: Use of a Broken or Risky Cryptographic Algorithm, meaning the function employs weak hashing mechanisms insufficient for cryptographic security. Attackers who can supply a malicious firmware image can bypass or predict the hash validation, allowing information disclosure about the firmware authentication process. The affected CPE is cpe:2.3:o:tenda:ax9_firmware:22.03.01.46:*:*:*:*:*:*:*.

RemediationAI

Tenda users should upgrade to a patched firmware version beyond 22.03.01.46 when available from Tenda's official website (https://www.tenda.com.cn/). Until an official patch is released, the practical mitigation is limited because the vulnerability exists in the firmware itself - firmware upgrades require the vulnerable image_check function to approve the update. As a compensating control, restrict network access to the AX9 device's management interface (typically port 80/443 for httpd) using firewall rules or network segmentation if remote firmware management is not required; this does not fix the weak hashing but prevents remote attackers from triggering the vulnerable code path. Monitor Tenda security advisories for patched firmware versions and deploy immediately upon release.

CVE-2023-49436 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /gofo

CVE-2023-49435 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 is vulnerable to command injection. Rated critical severity (CVSS 9.8), this vulnerability is rem

CVE-2023-49434 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetNe

CVE-2023-49433 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetVi

CVE-2023-49432 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'deviceList' parameter at /goform

CVE-2023-49431 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /gofor

CVE-2023-49430 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list' parameter at /goform/SetSt

CVE-2023-49429 CRITICAL POC
9.8 Dec 07

Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature th

CVE-2024-39963 HIGH POC
8.0 Jul 19

AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX12 V1.0 V22.03.01

Share

CVE-2025-14636 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy