CVE-2025-11550 | Tenda W12 3.0.0.6(3948) HTTP Request /goform/modules wifiScheduledSet null pointer dereference

Inserito da Angelo Barbosa | Ott 9, 2025 | CVE

A vulnerability labeled as critical has been found in Tenda W12 3.0.0.6(3948). The impacted element is the function wifiScheduledSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument wifiScheduledSet results in null pointer dereference.

This vulnerability was named CVE-2025-11550. The attack may be performed from remote. In addition, an exploit is available.

CVE-2025-11550 | Tenda W12 3.0.0.6(3948) HTTP Request /goform/modules wifiScheduledSet null pointer dereference

Post correlati

CVE-2024-28196 | Yooooomi your_spotify up to 1.8.x ui layer

CVE-2024-35540 | Typecho 1.3.0 cross site scripting

CVE-2025-57783 | Hiawatha up to 11.7 fetch_request request smuggling

CVE-2023-47527 | Sajjad Hossain Sagor WP Edit Username Plugin up to 1.0.5 on WordPress cross site scripting