ГлавнаяУязвимости → CVE-2025-12211
8.8высокая

CVE-2025-12211

Описание

A security flaw has been discovered in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

Затрагиваемое ПО
Tenda O3 firmware1.0.0.10\(2478\)Tenda O3
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/setDmzInfo.mdhttps://vuldb.com/?ctiid.329881https://vuldb.com/?id.329881https://vuldb.com/?submit.673265https://www.tenda.com.cn/https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/setDmzInfo.md