Buffer Overflow Vulnerability in Tenda RX3 Router
CVE-2025-29360

7.5HIGH

Key Information:

Vendor: Tenda
Status: RX3 Router
Vendor: CVE Published:; 13 March 2025

Summary

The Tenda RX3 router is susceptible to a buffer overflow vulnerability located in the /goform/SetSysTimeCfg endpoint related to the time and timeZone parameters. This flaw can be exploited by attackers to send specially crafted packets that trigger the overflow, potentially resulting in a Denial of Service (DoS) condition that disrupts normal operations of the device. It is crucial for users to be aware of this vulnerability and implement appropriate security measures to protect their network.

References

https://github.com/2664521593/mycve/blob/main/Tenda/RX3/t...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 13, 2025
Vulnerability Reserved
Mar 11, 2025