Stack-Based Buffer Overflow Vulnerability in Tenda W12 by Tenda
CVE-2025-3693

8.8HIGH

Key Information:

Vendor: Tenda
Status: Tenda W12
Vendor: CVE Published:; 16 April 2025

Summary

A stack-based buffer overflow was identified in the Tenda W12 router, specifically in the cgiWifiRadioSet function of the /bin/httpd file. This vulnerability allows an attacker to remotely exploit the system, potentially leading to unauthorized access or control. Given its public disclosure, it is crucial for users of the affected version to implement recommended security measures promptly.

References

https://github.com/02Tn/vul/issues/1

https://vuldb.com/?ctiid.304982

https://vuldb.com/?id.304982

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 16, 2025