What is the CVSS score of CVE-2025-7419?

CVE-2025-7419 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of O3 Firmware are affected by CVE-2025-7419?

A critical remote code execution vulnerability affects Tenda O3V2 routers (version 1.0.0.12(3880), potentially impacting organizations using this equipment for network connectivity.

Is there a public PoC exploit available for CVE-2025-7419?

Yes, a public proof-of-concept exploit is available for CVE-2025-7419. Prioritise patching immediately. EPSS: 0.4%.

How to fix or mitigate CVE-2025-7419?

Within 24 hours: Identify and inventory all Tenda O3V2 devices in production environments and assess network exposure. Within 7 days: Implement network segmentation to isolate affected devices, disable remote management access, and restrict HTTP/HTTPS traffic to these devices to trusted sources only. Within 30 days: Evaluate replacement with alternative vendor equipment, contact Tenda for patch availability status, or decommission affected devices if business-critical alternatives exist.

O3 Firmware CVE-2025-7419

EUVD-2025-21086 HIGH

Buffer Overflow (CWE-119)

2025-07-10 cna@vuldb.com

Buffer Overflow Tenda O3 Firmware

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 16, 2026 - 06:52 euvd

EUVD-2025-21086

Analysis Generated

Mar 16, 2026 - 06:52 vuln.today

PoC Detected

Jul 16, 2025 - 16:40 vuln.today

Public exploit code

CVE Published

Jul 10, 2025 - 23:15 nvd

HIGH 8.8

DescriptionNVD

A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been classified as critical. This affects the function fromSpeedTestSet of the file /goform/setRateTest of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

A critical stack-based buffer overflow vulnerability exists in Tenda O3V2 router firmware version 1.0.0.12(3880), affecting the httpd daemon's speed test functionality. An authenticated remote attacker can exploit the destIP parameter in the /goform/setRateTest endpoint to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability). Public exploit code is available and the vulnerability meets criteria for active exploitation risk.

Technical ContextAI

The vulnerability resides in the fromSpeedTestSet function within the httpd web server component of Tenda O3V2 routers. The root cause is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), specifically a stack-based buffer overflow. The destIP parameter lacks proper input validation and boundary checking, allowing an attacker to write beyond allocated stack memory. This occurs in a network-facing HTTP endpoint (/goform/setRateTest), making it remotely exploitable. The affected hardware is the Tenda O3V2 wireless router (CPE likely: cpe:2.3:o:tenda:o3v2_firmware:1.0.0.12:*:*:*:*:*:*:*), with httpd processing user-supplied input without sanitization. Stack-based overflows can overwrite return addresses and local variables, enabling code execution at the privilege level of the httpd process (typically root on embedded devices).

RemediationAI

Patching: Update to firmware version > 1.0.0.12(3880) when released by Tenda. Check Tenda's official support page (support.tenda.com.cn or vendor-specific regional sites) for updated firmware images.; priority: CRITICAL Access Control Mitigation: Restrict access to the /goform/setRateTest endpoint via firewall rules or access control lists. Disable remote management if not required. Limit httpd daemon access to trusted networks only.; priority: HIGH Credential Hardening: Change default credentials on the device to strong, unique passwords to raise the barrier for authenticated exploitation (PR:L requirement).; priority: HIGH Network Segmentation: Isolate router management interfaces to a dedicated administrative network segment separate from guest/production traffic.; priority: MEDIUM Monitoring: Monitor httpd logs for POST requests to /goform/setRateTest with unusual destIP parameter lengths or special characters; alert on any destIP payloads exceeding expected bounds.; priority: MEDIUM

CVE-2025-7419 vulnerability details – vuln.today

Back

O3 Firmware CVE-2025-7419

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code