CVE-2025-1899 Information
Mar 07, 2025
cve
Description
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference
https://github.com/2664521593/mycve/blob/main/Tenda/TX3/tenda_tx3_bof_5.pdf https://vuldb.com/?ctiid.298417 https://vuldb.com/?id.298417 https://vuldb.com/?submit.506607 https://www.tenda.com.cn/
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
7.5
Share on: