CVE-2025-12214
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-27

Last updated on: 2026-02-24

Assigner: VulDB

Description
A vulnerability was detected in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-27
Last Modified
2026-02-24
Generated
2026-06-16
AI Q&A
2025-10-27
EPSS Evaluated
2026-06-14
NVD
CVE-2025-12214
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tenda o3_firmware1.0.0.10\(2478\) *
tenda o3 2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-12214 is a critical stack-based buffer overflow vulnerability in the Tenda O3 router version 1.0.0.10(2478). It occurs in the SetValue/GetValue functions of the /goform/sysAutoReboot endpoint when the 'enable' argument is manipulated with crafted input. This causes a buffer overflow on the stack, which can be exploited remotely without authentication. The overflow may allow attackers to compromise the device's confidentiality, integrity, and availability. [1, 4]

Impact Analysis

This vulnerability can lead to arbitrary code execution or denial of service on the affected Tenda O3 router. Because it can be exploited remotely without authentication, attackers can take control of the device, disrupt its operation, or access sensitive information, severely impacting the security and functionality of the device. [1, 4]

Detection Guidance

Detection can be performed by monitoring HTTP POST requests to the /goform/sysAutoReboot endpoint, specifically looking for manipulation of the 'enable' parameter with unusual or crafted input that could trigger the stack-based buffer overflow. Since a proof-of-concept exploit is publicly available, one could use it to test the system in a controlled environment. However, no specific detection commands are provided in the resources. Network monitoring tools like Wireshark or intrusion detection systems could be configured to alert on suspicious POST requests to this endpoint. [1, 4]

Mitigation Strategies

Immediate mitigation steps include replacing the affected Tenda O3 device or firmware version 1.0.0.10(2478) with a secure version if available. Since no known mitigations or countermeasures currently exist, it is recommended to restrict remote access to the device, especially blocking access to the /goform/sysAutoReboot endpoint, and monitor for exploitation attempts. Applying network-level protections such as firewall rules to limit access and disabling remote management features can help reduce risk until a patch or update is provided. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12214. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart