Reconnecting to live updates…

CVE-2025-15233: Heap-based Buffer Overflow in Tenda M3

High

VulnerabilityCVE-2025-15233cve cve-2025-15233

Published: Tue Dec 30 2025 (12/30/2025, 08:02:06 UTC)

Source: CVE Database V5

Vendor/Project: Tenda

Product: M3

Description

A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.

Technical Details

Data Version: 5.2
Assigner Short Name: VulDB
Date Reserved: 2025-12-29T08:01:10.685Z
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 69538a4271a94549f1b081af

Added to database: 12/30/2025, 8:16:02 AM

Last updated: 12/30/2025, 10:35:19 AM

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by

Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.