ГлавнаяУязвимости → CVE-2025-12212
8.8высокая

CVE-2025-12212

Описание

A weakness has been identified in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

Затрагиваемое ПО
Tenda O3 firmware1.0.0.10\(2478\)Tenda O3
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/setNetworkService.mdhttps://vuldb.com/?ctiid.329882https://vuldb.com/?id.329882https://vuldb.com/?submit.673267https://www.tenda.com.cn/https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/setNetworkService.md