CVE-2025-15234 | Tenda M3 1.0.0.13(4903) setInternetLanInfo formSetRemoteInternetLanInfo portIp/portMask/portGateWay/portDns/portSecDns heap-based overflow

Inserito da Angelo Barbosa | Dic 29, 2025 | CVE

A vulnerability marked as critical has been reported in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow.

The identification of this vulnerability is CVE-2025-15234. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-15234 | Tenda M3 1.0.0.13(4903) setInternetLanInfo formSetRemoteInternetLanInfo portIp/portMask/portGateWay/portDns/portSecDns heap-based overflow

Post correlati

CVE-2024-7201 | Simopro Technology WinMatrix3 up to 1.2.33.3 sql injection

CVE-2024-11833 | PlexTrac up to 2.8.0 File path traversal

CVE-2025-55454 | DooTask 1.0.51 /msg/sendfiles unrestricted upload

CVE-2025-11604 | projectworlds Online Ordering Food System 1.0 /all-orders.php Status sql injection