CVE-2025-15234
Heap-Based Buffer Overflow in Tenda M3 Remote Internet LAN Function
Publication date: 2025-12-30
Last updated on: 2026-02-24
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | m3 | 1.0.0.13 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by monitoring for suspicious POST requests to the /goform/setInternetLanInfo endpoint with crafted parameters portIp, portMask, portGateWay, portDns, and portSecDns that may trigger the heap overflow. Network intrusion detection systems (NIDS) can be configured to alert on such requests. Additionally, inspecting router logs for unusual activity or crashes related to /goform/setInternetLanInfo may help. Specific commands are not provided in the resources. [1, 3]
Can you explain this vulnerability to me?
This vulnerability is a heap-based buffer overflow in the Tenda M3 router firmware version 1.0.0.13(4903). It occurs in the function formSetRemoteInternetLanInfo within the file /goform/setInternetLanInfo. By manipulating the arguments portIp, portMask, portGateWay, portDns, or portSecDns, an attacker can cause a buffer overflow. This can be exploited remotely without user interaction.
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to severe impacts such as remote code execution, denial of service, or unauthorized control over the affected device. Since it is a heap-based buffer overflow that can be triggered remotely, attackers could potentially take control of the router, disrupt network services, or intercept and manipulate network traffic.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda M3 router running firmware version 1.0.0.13(4903) with a non-vulnerable device, as no known countermeasures or patches currently exist. Disabling remote access to the router's management interface or restricting access to trusted networks may reduce exposure. Monitoring for exploit attempts and applying network-level protections are also advisable. [1]