Buffer Overflow in Tenda i12 by Tenda
CVE-2025-29149

7.5HIGH

Key Information:

Vendor: Tenda
Status: Tenda i12
Vendor: CVE Published:; 20 March 2025

Summary

The Tenda i12 device has a security vulnerability that allows for a buffer overflow through the 'ping1' parameter in the 'formSetAutoPing' function. This flaw can potentially enable an attacker to manipulate the device's memory, leading to unauthorized actions or service disruption. It's crucial for users to be aware of this issue and consider preventive measures to secure their devices.

References

https://github.com/Raining-101/IOT_cve/blob/main/tenda%20...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Mar 11, 2025