EUVD-2025-21097

CVE-2025-7423 | HIGH | CVSS 3.1: 8.8
2025-07-11 [email protected]

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 16, 2026 - 08:17 (vuln.today)
EUVD ID Assigned: Mar 16, 2026 - 08:17 (euvd), EUVD-2025-21097
PoC Detected: Jul 16, 2025 - 16:43 (vuln.today), public exploit code
CVE Published: Jul 11, 2025 - 01:15 (nvd), HIGH 8.8

Description

A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). Affected by this vulnerability is the function formWifiMacFilterSet of the file /goform/setWrlFilterList of the component httpd. The manipulation of the argument macList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-7423 is a critical stack-based buffer overflow in Tenda O3V2 router firmware version 1.0.0.12(3880), affecting the WiFi MAC filter functionality. An authenticated attacker can exploit it remotely by sending a malicious macList parameter to the /goform/setWrlFilterList endpoint, achieving arbitrary code execution and full system compromise (confidentiality, integrity, and availability impact). Exploit code has been publicly disclosed, and the vulnerability may be actively exploited in the wild.

Technical Context

The vulnerability is in the httpd web server component of Tenda O3V2, in the formWifiMacFilterSet function that handles MAC filter list configuration. It is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and manifests as a stack-based buffer overflow: the function copies user-supplied input from the macList parameter into a fixed-size stack buffer without proper bounds checking. This is a common pattern in embedded device firmware, where C-based HTTP handlers lack modern safety mechanisms. The CPE designation (likely cpe:2.3:o:tenda:o3v2_firmware:1.0.0.12:*:*:*:*:*:*:*) indicates this affects Tenda's O3V2 model running the specific vulnerable firmware version. The overflow corrupts memory on the stack, potentially overwriting return addresses and enabling control flow hijacking.

Affected Products

Tenda O3V2, firmware version 1.0.0.12(3880)

Remediation

Vendor Patch: Update Tenda O3V2 device firmware to the latest available version from Tenda's official website (https://www.tenda.com.cn/download/) or regional support pages. Priority: CRITICAL, apply immediately.

Network Mitigation: Restrict access to the router administrative interface (httpd port, typically 8080) to trusted networks only, via firewall rules or network segmentation. Priority: HIGH, implement while awaiting patch.

Credential Hardening: Change default router credentials to a strong, unique password to prevent unauthorized authentication-based exploitation. Priority: HIGH, implement immediately.

Access Control: Disable remote management features if not actively required; disable WAN access to the administrative interface. Priority: MEDIUM, defense-in-depth measure.

Monitoring: Monitor for POST requests to the /goform/setWrlFilterList endpoint with unusually long macList parameters; alert on any such traffic patterns. Priority: MEDIUM, for network defenders.
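A sketch of the Monitoring item above, as an added example that is not part of the original advisory or any vendor tooling: it inspects raw HTTP requests for the endpoint and parameter named in the advisory. The 256-character threshold, the MAC-list delimiters and the sample requests are assumptions constructed for illustration; the advisory does not state the buffer size or the macList format.

```python
import re
from urllib.parse import parse_qs

ENDPOINT = "/goform/setWrlFilterList"  # endpoint named in the advisory
PARAM = "macList"                      # parameter named in the advisory
MAX_PARAM_LEN = 256  # assumption: tunable alert threshold, not the real buffer size
MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}")

def inspect_request(raw: bytes) -> list[str]:
    """Return alert reasons for one raw HTTP/1.x request; empty list means clean."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line = head.split(b"\r\n", 1)[0].decode("latin-1")
    fields = request_line.split(" ")
    if len(fields) < 2:
        return []
    path, _, query = fields[1].partition("?")
    if path != ENDPOINT:
        return []
    reasons = []
    # Assumption: the parameter may arrive in the query string or a form body.
    for source in (query, body.decode("latin-1")):
        # parse_qs percent-decodes, so the length checked is the decoded length.
        for value in parse_qs(source, keep_blank_values=True).get(PARAM, []):
            if len(value) > MAX_PARAM_LEN:
                reasons.append(f"{PARAM} length {len(value)} exceeds {MAX_PARAM_LEN}")
            # Assumption: entries are MAC addresses separated by , ; | or whitespace.
            bad = [t for t in re.split(r"[,;|\s]+", value)
                   if t and not MAC_RE.fullmatch(t)]
            if bad:
                reasons.append(f"{len(bad)} {PARAM} entries are not MAC addresses")
    return reasons

# Constructed sample requests (not captured traffic).
BENIGN = (b"POST /goform/setWrlFilterList HTTP/1.1\r\nHost: 192.0.2.1\r\n"
          b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
          b"macList=AA:BB:CC:DD:EE:01,AA:BB:CC:DD:EE:02")
OVERLONG = (b"POST /goform/setWrlFilterList HTTP/1.1\r\nHost: 192.0.2.1\r\n"
            b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
            b"macList=" + b"A" * 600)
OTHER = b"GET /index.html HTTP/1.1\r\nHost: 192.0.2.1\r\n\r\n"

if __name__ == "__main__":
    for name, req in (("benign", BENIGN), ("overlong", OVERLONG), ("other", OTHER)):
        print(name, inspect_request(req))
```

This only works where the management traffic is visible in cleartext, for example on a reverse proxy or a network sensor in front of the device.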

Priority Score

64
KEV: 0
EPSS: +0.4
CVSS: +44
POC: +20
