Skip to main content

I3 Firmware

7 CVEs product

Monthly

CVE-2026-3804 HIGH POC This Week

Remote code execution in Tenda i3 1.0.0.6(2204) firmware allows unauthenticated attackers to achieve full system compromise through a stack-based buffer overflow in the WifiMacFilterSet function. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring immediate mitigation through network segmentation or device isolation.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3803 HIGH POC This Week

Remote code execution in Tenda i3 firmware versions up to 1.0.0.6(2204) via stack-based buffer overflow in the WiFi MAC filter function allows unauthenticated attackers to achieve full system compromise over the network. Public exploit code exists for this vulnerability and no patch is currently available. The flaw requires only low complexity to exploit and affects the confidentiality, integrity, and availability of affected devices.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3802 HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve code execution by manipulating the cmdinput parameter in the /goform/exeCommand function. Public exploit code exists for this vulnerability and no patch is currently available, placing affected devices at immediate risk.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3801 HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of ping parameters in the setAutoPing function. Public exploit code exists for this vulnerability and no patch is currently available, creating significant risk for affected deployments.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3799 HIGH POC This Week

Stack overflow in Tenda i3 firmware version 1.0.0.6(2204) allows authenticated remote attackers to achieve full system compromise through a malformed funcpara1 parameter in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can execute arbitrary code with full system privileges.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2019-12821 MEDIUM This Month

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE I3 Firmware
NVD
CVSS 3.0
4.8
EPSS
0.9%
CVE-2019-12820 MEDIUM This Month

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Apple Information Disclosure I3 Firmware
NVD
CVSS 3.0
5.6
EPSS
0.5%
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda i3 1.0.0.6(2204) firmware allows unauthenticated attackers to achieve full system compromise through a stack-based buffer overflow in the WifiMacFilterSet function. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available, requiring immediate mitigation through network segmentation or device isolation.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Remote code execution in Tenda i3 firmware versions up to 1.0.0.6(2204) via stack-based buffer overflow in the WiFi MAC filter function allows unauthenticated attackers to achieve full system compromise over the network. Public exploit code exists for this vulnerability and no patch is currently available. The flaw requires only low complexity to exploit and affects the confidentiality, integrity, and availability of affected devices.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve code execution by manipulating the cmdinput parameter in the /goform/exeCommand function. Public exploit code exists for this vulnerability and no patch is currently available, placing affected devices at immediate risk.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack-based buffer overflow in Tenda i3 1.0.0.6(2204) firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of ping parameters in the setAutoPing function. Public exploit code exists for this vulnerability and no patch is currently available, creating significant risk for affected deployments.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

Stack overflow in Tenda i3 firmware version 1.0.0.6(2204) allows authenticated remote attackers to achieve full system compromise through a malformed funcpara1 parameter in the /goform/setcfm endpoint. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can execute arbitrary code with full system privileges.

Buffer Overflow Stack Overflow I3 Firmware
NVD GitHub VulDB
EPSS 1% CVSS 4.8
MEDIUM This Month

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE I3 Firmware
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Apple Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy