CVE-2025-12211 | Tenda O3 1.0.0.10(2478) /goform/setDmzInfo SetValue/GetValue dmzIP stack-based overflow

Inserito da Angelo Barbosa | Ott 25, 2025 | CVE

A vulnerability described as critical has been identified in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow.

This vulnerability is known as CVE-2025-12211. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-12211 | Tenda O3 1.0.0.10(2478) /goform/setDmzInfo SetValue/GetValue dmzIP stack-based overflow

Post correlati

CVE-2024-8134 | D-Link DNS-1550-04 up to 20240814 HTTP POST Request /cgi-bin/hd_config.cgi cgi_FMT_Std2R5_1st_DiskMGR f_source_dev command injection (SAP10383)

CVE-2024-7200 | SourceCodester Complaints Report Management System 1.0 ajax.php name cross site scripting

CVE-2024-0200 | GitHub Enterprise Server up to 3.8.12/3.9.7/3.10.4/3.11.2/3.11 Organization unknown vulnerability

CVE-2025-1469 | Turtek Eyotek prior 11.03.2025 authorization