CNNVD-202512-5463 Information

CNNVD ID

CNNVD-202512-5463

Related CVE

CVE-2025-15234

• CNNVD Published: 2025-12-30

Description (Chinese)

Tenda M3是中国腾达（Tenda）公司的一款门禁控制器。 Tenda M3 1.0.0.13版本存在安全漏洞，该漏洞源于对文件/goform/setInternetLanInfo中参数portIp/portMask/portGateWay/portDns/portSecDns的错误操作，可能导致堆缓冲区溢出。

Description (English)

Tenda M3 is a door-ban controller for Tenda, China. There is a security loophole in version Tenda M3.0.0.13, which stems from an error in the application of the parameter portIp/portMask/portGateWay/portDns/portSecDns in the document/goform/setInternetLanInfo, which may result in a spill over the buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-12-30

Last Modified

2026-02-24

References

https://vuldb.com/?id.338630 https://vuldb.com/?submit.725496 https://vuldb.com/?ctiid.338630 https://www.tenda.com.cn/ https://github.com/dwBruijn/CVEs/blob/main/Tenda/setRemoteInternetLanInfo.md