CVE-2025-12209
Published: 27 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-12209 is a stack-based buffer overflow vulnerability affecting the Tenda O3 router on firmware version 1.0.0.10(2478). The flaw resides in the SetValue and GetValue functions within the /goform/setDhcpConfig file, where manipulation of the dhcpEn argument triggers the overflow. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability enables remote exploitation by an authenticated attacker possessing low privileges. No user interaction is required, and the low attack complexity allows for straightforward exploitation, potentially granting high impacts on confidentiality, integrity, and availability. This could result in arbitrary code execution on the affected device.
Advisories and references, including a GitHub repository at https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/setDhcpConfig.md detailing the exploit, VulDB entries at https://vuldb.com/?ctiid.329879, https://vuldb.com/?id.329879, and https://vuldb.com/?submit.673263, and the vendor site at https://www.tenda.com.cn/, confirm the issue. No specific patches or mitigations are detailed in the provided references.
The exploit has been publicly disclosed and may be utilized, increasing the risk for unpatched Tenda O3 devices exposed to the network.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack-based buffer overflow in the remote web management interface (/goform/setDhcpConfig) of Tenda O3 router enables remote exploitation of a public-facing application for initial access.