Unrated severityNVD Advisory· Published Apr 4, 2025· Updated Apr 4, 2025
Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflow
CVE-2025-3259
Description
A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected products
2Patches
Vulnerability mechanics
References
5- sixth-action-50e.notion.site/Tenda-RX3-Buffer-Overflow-1c9f6468377380a2977cd6c3a81f453cmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- www.tenda.com.cnmitreproduct
News mentions
0No linked articles in our index yet.