CVE-2025-15230 | Tenda M3 1.0.0.13(4903) setVlanPolicyData formSetVlanPolicy qvlan_truck_port heap-based overflow

Inserito da Angelo Barbosa | Dic 29, 2025 | CVE

A vulnerability was found in Tenda M3 1.0.0.13(4903). It has been rated as critical. Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow.

This vulnerability is known as CVE-2025-15230. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

CVE-2025-15230 | Tenda M3 1.0.0.13(4903) setVlanPolicyData formSetVlanPolicy qvlan_truck_port heap-based overflow

Post correlati

CVE-2024-56543 | Linux Kernel up to 6.6.63/6.11.10/6.12.1 ath12k dp_rx.c rx_tid::ab stack-based overflow

CVE-2025-67875 | ChurchCRM up to 6.5.2 cross site scripting

CVE-2018-9486 | Google Android 7/8/8.1/9 hidh_conn.cc hidh_l2cif_data_ind out-of-bounds

CVE-2023-6636 | Greenshift Plugin up to 7.6.2 on WordPress unrestricted upload