VYPR

O3V2

by Tenda

CVEs (13)

  • CVE-2024-36604CriJun 4, 2024
    risk 0.64cvss 9.8epss 0.02

    Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn parameter in the SetStp function. This vulnerability allows attackers to execute arbitrary commands with root privileges.

  • CVE-2025-7423HigJul 11, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). Affected by this vulnerability is the function formWifiMacFilterSet of the file /goform/setWrlFilterList of the component httpd. The manipulation of the argument macList leads to stack-based buffer…

  • CVE-2025-7422HigJul 11, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability classified as critical has been found in Tenda O3V2 1.0.0.12(3880). Affected is the function setAutoReboot of the file /goform/setNetworkService of the component httpd. The manipulation of the argument week leads to stack-based buffer overflow. It is possible to…

  • CVE-2025-7421HigJul 11, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been rated as critical. This issue affects the function fromMacFilterModify of the file /goform/operateMacFilter of the component httpd. The manipulation of the argument mac leads to stack-based buffer overflow. The…

  • CVE-2025-7420HigJul 11, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been declared as critical. This vulnerability affects the function formWifiBasicSet of the file /goform/setWrlBasicInfo of the component httpd. The manipulation of the argument extChannel leads to stack-based buffer…

  • CVE-2025-7419HigJul 10, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda O3V2 1.0.0.12(3880). It has been classified as critical. This affects the function fromSpeedTestSet of the file /goform/setRateTest of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. It is…

  • CVE-2025-7418HigJul 10, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda O3V2 1.0.0.12(3880) and classified as critical. Affected by this issue is the function fromPingResultGet of the file /goform/setPing of the component httpd. The manipulation of the argument destIP leads to stack-based buffer overflow. The…

  • CVE-2025-7417HigJul 10, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda O3V2 1.0.0.12(3880) and classified as critical. Affected by this vulnerability is the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument ip leads to stack-based buffer overflow.…

  • CVE-2025-7416HigJul 10, 2025
    risk 0.57cvss 8.8epss 0.01

    A vulnerability, which was classified as critical, was found in Tenda O3V2 1.0.0.12(3880). Affected is the function fromSysToolTime of the file /goform/setSysTimeInfo of the component httpd. The manipulation of the argument Time leads to stack-based buffer overflow. It is…

  • CVE-2024-34338HigMay 14, 2024
    risk 0.47cvss 7.2epss 0.03

    Tenda O3V2 with firmware versions V1.0.0.10 and V1.0.0.12 was discovered to contain a Blind Command Injection via dest parameter in /goform/getTraceroute. This vulnerability allows attackers to execute arbitrary commands with root privileges. Authentication is required to…

  • CVE-2025-7414MedJul 10, 2025
    risk 0.42cvss 6.3epss 0.13

    A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). This vulnerability affects the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument domain leads to os command injection. The attack can be…

  • CVE-2025-7415MedJul 10, 2025
    risk 0.41cvss 6.3epss 0.04

    A vulnerability, which was classified as critical, has been found in Tenda O3V2 1.0.0.12(3880). This issue affects the function fromTraceroutGet of the file /goform/getTraceroute of the component httpd. The manipulation of the argument dest leads to command injection. The attack…

  • CVE-2025-55613Aug 22, 2025
    risk 0.00cvss epss 0.01

    Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter.