CVE-2025-12212 | Tenda O3 1.0.0.10(2478) setNetworkService SetValue/GetValue upnpEn stack-based overflow

Inserito da Angelo Barbosa | Ott 25, 2025 | CVE

A vulnerability classified as critical has been found in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow.

This vulnerability is handled as CVE-2025-12212. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-12212 | Tenda O3 1.0.0.10(2478) setNetworkService SetValue/GetValue upnpEn stack-based overflow

Post correlati

CVE-2024-5550 | h2oai h2o-3 up to 3.40.0.4 information disclosure

CVE-2025-48279 | Richard Perdaan WC MyParcel Belgium Plugin up to beta on WordPress cross site scripting

CVE-2025-8525 | Exrick xboot up to 3.3.4 Spring Boot Admin/Spring Actuator information disclosure (Issue 72)

CVE-2025-31635 | LambertGroup CLEVER Plugin up to 2.6 on WordPress path traversal