CVE-2025-15232

HighPublic PoC

Published: 30 December 2025

Published

30 December 2025

Modified

02 January 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0014 33.2th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit…

is publicly available and might be used.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly prevents stack-based buffer overflow by validating mac and terminal arguments in the formSetAdPushInfo function to ensure inputs are within expected bounds.

SI-16 Memory Protection good match

prevent

Implements memory protection mechanisms such as stack canaries or DEP to block exploitation of the stack-based buffer overflow even if invalid inputs are processed.

SI-2 Flaw Remediation good match

preventrecover

Requires timely identification, reporting, and patching of the buffer overflow flaw in Tenda M3 firmware to eliminate the vulnerability.

Security SummaryAI

CVE-2025-15232 is a stack-based buffer overflow vulnerability in the Tenda M3 router firmware version 1.0.0.13(4903). The flaw affects the formSetAdPushInfo function in the /goform/setAdPushInfo file, where manipulation of the mac or terminal arguments triggers the overflow. Published on 2025-12-30, it is rated 8.8 on the CVSS 3.1 scale (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow).

The vulnerability enables remote exploitation by authenticated users with low privileges. Attackers can send crafted requests to the affected endpoint, leading to potential arbitrary code execution with high impacts on confidentiality, integrity, and availability. A public exploit is available, increasing the risk of widespread abuse.

VulDB advisories (ctiid.338628, id.338628, submit.725494) document the issue, with a detailed proof-of-concept on GitHub at dwBruijn/CVEs/blob/main/Tenda/setAdPushInfo.md. No specific patches or mitigations are detailed in the references; security practitioners should check the Tenda website (tenda.com.cn) for firmware updates and consider network segmentation or disabling the endpoint where possible.

Details

CWE(s): CWE-119 CWE-121

Affected Products

tenda

m3 firmware

1.0.0.13\(4903\)

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability is a stack-based buffer overflow in a router's web interface (/goform/setAdPushInfo), enabling remote code execution via crafted requests by low-privileged authenticated users, directly mapping to exploitation of a public-facing application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://github.com/dwBruijn/CVEs/blob/main/Tenda/setAdPushInfo.md
Exploit, Third Party Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.338628
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.338628
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.725494
Third Party Advisory, VDB Entry · cna@vuldb.com
https://www.tenda.com.cn/
Product · cna@vuldb.com