ГлавнаяУязвимости → CVE-2025-11549
8.8высокая

CVE-2025-11549

Описание

A vulnerability has been found in Tenda W12 3.0.0.6(3948). The affected element is the function wifiMacFilterSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Затрагиваемое ПО
Tenda W12 firmwareTenda W12
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_W12/cgiWifiMacFilterSet/cgiWifiMacFilterSet.mdhttps://vuldb.com/?ctiid.327708https://vuldb.com/?id.327708https://vuldb.com/?submit.670110https://www.tenda.com.cn/https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_W12/cgiWifiMacFilterSet/cgiWifiMacFilterSet.md