CVE-2025-7417: Stack-based Buffer Overflow in Tenda O3V2

High
Published: Thu Jul 10 2025 (07/10/2025, 22:02:07 UTC)
Source: CVE Database V5
Vendor/Project: Tenda
Product: O3V2

Description

A vulnerability has been found in Tenda O3V2 1.0.0.12(3880) and classified as critical. Affected by this vulnerability is the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/10/2025, 22:31:13 UTC

Technical Analysis

CVE-2025-7417 is a critical stack-based buffer overflow vulnerability identified in the Tenda O3V2 device, specifically version 1.0.0.12(3880). The flaw resides in the httpd component, within the function fromNetToolGet, which processes requests to the /goform/setPingInfo endpoint. The vulnerability is triggered by improper handling of the 'ip' argument, allowing an attacker to overflow the stack buffer. This can lead to arbitrary code execution or cause the device to crash, resulting in denial of service. The vulnerability is remotely exploitable without requiring user interaction or authentication, increasing its risk profile. The CVSS 4.0 base score is 8.7 (high severity), reflecting its network attack vector, low complexity, no privileges or user interaction needed, and high impact on confidentiality, integrity, and availability. Although no known exploits are reported in the wild yet, public disclosure of the exploit code increases the likelihood of active exploitation. The vulnerability affects a specific firmware version of the Tenda O3V2 device, which is typically used in networking environments such as small offices or home networks to provide wireless connectivity or point-to-point links. The lack of an official patch at the time of disclosure further elevates the risk for affected users.

Potential Impact

For European organizations, this vulnerability poses a significant threat, especially for those relying on Tenda O3V2 devices in their network infrastructure. Successful exploitation could allow attackers to execute arbitrary code remotely, potentially gaining control over the device. This could lead to interception or manipulation of network traffic, disruption of network services, or use of the compromised device as a foothold for lateral movement within the network. Confidentiality, integrity, and availability of network communications could be severely impacted. Organizations in sectors with high security requirements, such as finance, healthcare, and critical infrastructure, could face operational disruptions and data breaches. The remote and unauthenticated nature of the exploit means that attackers can target vulnerable devices from anywhere, increasing the attack surface. Additionally, the public availability of exploit code raises the risk of automated scanning and exploitation campaigns targeting European networks.

Mitigation Recommendations

Immediate mitigation should focus on network-level controls and device management. Organizations should identify and inventory all Tenda O3V2 devices running the affected firmware version. Until an official patch is released, network segmentation should be employed to isolate these devices from critical infrastructure and sensitive data flows. Access to the management interface (httpd service) should be restricted using firewall rules or access control lists to trusted IP addresses only. Monitoring network traffic for unusual requests to /goform/setPingInfo can help detect exploitation attempts. If possible, disable or restrict the vulnerable service or functionality temporarily. Organizations should engage with Tenda support channels to obtain firmware updates or security advisories. Additionally, implementing intrusion detection/prevention systems (IDS/IPS) with signatures targeting this vulnerability can provide proactive defense. Finally, organizations should prepare incident response plans to address potential compromises stemming from this vulnerability.
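
The monitoring step above, sketched as an added example (not part of the original advisory and not vendor code): it checks captured requests to /goform/setPingInfo and flags any whose ip argument is repeated, over-long, or not an address or hostname. The record shape (source, target, body), the function names and the 253-character limit are assumptions made for this illustration; the page does not state the size of the vulnerable buffer.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/goform/setPingInfo"  # endpoint named in the advisory
PARAM = "ip"                      # argument named in the advisory
MAX_LEN = 253                     # assumption: longest valid DNS name
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME = re.compile(rf"{LABEL}(?:\.{LABEL})*")

def is_plausible_target(value):
    """True if value is an IP address or a syntactically valid hostname."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return bool(HOSTNAME.fullmatch(value))

def check_request(target, body=""):
    """Return a reason string for an anomalous request, else None."""
    parts = urlsplit(target)
    if parts.path.rstrip("/") != ENDPOINT:
        return None
    # Collect the parameter from both the query string and the form body.
    values = []
    for raw in (parts.query, body):
        values += parse_qs(raw, keep_blank_values=True).get(PARAM, [])
    if not values:
        return None
    if len(values) > 1:
        return "repeated ip parameter"
    if len(values[0]) > MAX_LEN:
        return f"ip length {len(values[0])} exceeds {MAX_LEN}"
    if not is_plausible_target(values[0]):
        return "ip is not an address or hostname"
    return None

def scan(records):
    """records: iterable of (source, target, body); returns flagged pairs."""
    checked = ((src, check_request(target, body)) for src, target, body in records)
    return [(src, reason) for src, reason in checked if reason]

# Constructed sample traffic (documentation address ranges), not real captures.
SAMPLE = [
    ("192.0.2.10", "/goform/setPingInfo", "ip=192.168.1.1"),
    ("192.0.2.10", "/goform/setPingInfo", "ip=example.com"),
    ("198.51.100.7", "/goform/setPingInfo", "ip=" + "A" * 600),
    ("198.51.100.7", "/goform/setPingInfo", "ip=10.0.0.1%00%ff"),
]
```

Calling `scan(SAMPLE)` returns the two flagged requests with their reasons; in practice the records would come from a proxy or packet capture placed in front of the device's management interface.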


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-07-10T07:48:32.313Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68703ba7a83201eaacaa45ba

Added to database: 7/10/2025, 10:16:07 PM

Last enriched: 7/10/2025, 10:31:13 PM

Last updated: 7/10/2025, 10:31:13 PM
