CVE Details
Basic Information
| Title | Tenda O3V2 httpd setWrlFilterList formWifiMacFilterSet stack-based overflow |
|---|---|
| Type | cve |
| Published | 2025-07-11T01:02:08.323Z |
| Modified | 2025-07-11T01:02:08.323Z |
Product Information
| Vendor | Tenda |
|---|---|
| Product | O3V2 |
| Version | 1.0.0.12(3880) |
CVSS Information
| Base Score | 8.7 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical stack-based buffer overflow vulnerability in Tenda O3V2’s httpd component allows remote attackers to exploit the macList argument in setWrlFilterList, potentially leading to system compromise. The exploit is publicly disclosed, increasing the risk of attack. |
|---|---|
| AI Severity | High |
| AI Vendor | Tenda |
| AI Product | O3V2 |
| AI Version | 1.0.0.12(3880) |
Affected Products
- Tenda O3V2 1.0.0.12(3880)
Additional Information
| CWE List | CWE-121, CWE-119 |
|---|---|
| Source | VulDB |
Description
A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). Affected by this vulnerability is the function formWifiMacFilterSet of the file /goform/setWrlFilterList of the component httpd. The manipulation of the argument macList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.