Stack-Based Buffer Overflow Vulnerability in Tenda W12 by Tenda
CVE-2025-3693

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Tenda W12
Vendor: CVE Published:; 16 April 2025

What is CVE-2025-3693?

A stack-based buffer overflow was identified in the Tenda W12 router, specifically in the cgiWifiRadioSet function of the /bin/httpd file. This vulnerability allows an attacker to remotely exploit the system, potentially leading to unauthorized access or control. Given its public disclosure, it is crucial for users of the affected version to implement recommended security measures promptly.

References

https://github.com/02Tn/vul/issues/1

https://vuldb.com/?ctiid.304982

https://vuldb.com/?id.304982

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2025

CVE-2025-3693 Data

JSON