Search criteria
7 vulnerabilities found for i24 by Tenda
CVE-2025-15371 (GCVE-0-2025-15371)
Vulnerability from nvd – Published: 2025-12-31 01:02 – Updated: 2026-01-02 14:38
VLAI?
Title
Tenda i24 Shadow File hard-coded credentials
Summary
A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Tenda | i24 |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
vlun-1 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T14:22:55.128847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:38:01.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Shadow File"
],
"product": "i24",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G03 Pro",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G05",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G08",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "G0-8G-PoE",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "Nova MW5G",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "TEG5328F",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "vlun-1 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T01:02:06.989Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-339075 | Tenda i24 Shadow File hard-coded credentials",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.339075"
},
{
"name": "VDB-339075 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.339075"
},
{
"name": "Submit #727155 | Tenda Tenda i24v3.0 V3.0.0.8(4008) V3.0.0.8(4008) Hard-coded Credentials",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727155"
},
{
"name": "Submit #727283 | Tenda 4G03ProV1.0re V04.03.01.49 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727283"
},
{
"name": "Submit #727284 | Tenda 4G05V1.0re V04.05.01.15 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727284"
},
{
"name": "Submit #727285 | Tenda 4G08V1.0re V04.08.01.28 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727285"
},
{
"name": "Submit #727302 | Tenda G0-8G-PoEV2.0si V16.01.8.5 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727302"
},
{
"name": "Submit #727305 | Tenda MW5GV1.0re V1.0.0.35 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727305"
},
{
"name": "Submit #727306 | Tenda TEG5328FV1.0ma V65.10.15.6 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727306"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/vuln-1/vuln/blob/main/Tenda/i24v3.0_V3.0.0.8/report-1.md"
},
{
"tags": [
"product"
],
"url": "https://www.tenda.com.cn/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-30T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-30T19:37:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tenda i24 Shadow File hard-coded credentials"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15371",
"datePublished": "2025-12-31T01:02:06.989Z",
"dateReserved": "2025-12-30T17:35:13.980Z",
"dateUpdated": "2026-01-02T14:38:01.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15371 (GCVE-0-2025-15371)
Vulnerability from cvelistv5 – Published: 2025-12-31 01:02 – Updated: 2026-01-02 14:38
VLAI?
Title
Tenda i24 Shadow File hard-coded credentials
Summary
A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Tenda | i24 |
Affected:
1.0.0.35
Affected: 3.0.0.8(4008) Affected: 04.03.01.49 Affected: 04.05.01.15 Affected: 04.08.01.28 Affected: 16.01.8.5 Affected: 65.10.15.6 |
||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
Credits
vlun-1 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-02T14:22:55.128847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T14:38:01.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Shadow File"
],
"product": "i24",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G03 Pro",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G05",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "4G08",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "G0-8G-PoE",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "Nova MW5G",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
},
{
"modules": [
"Shadow File"
],
"product": "TEG5328F",
"vendor": "Tenda",
"versions": [
{
"status": "affected",
"version": "1.0.0.35"
},
{
"status": "affected",
"version": "3.0.0.8(4008)"
},
{
"status": "affected",
"version": "04.03.01.49"
},
{
"status": "affected",
"version": "04.05.01.15"
},
{
"status": "affected",
"version": "04.08.01.28"
},
{
"status": "affected",
"version": "16.01.8.5"
},
{
"status": "affected",
"version": "65.10.15.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "vlun-1 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "Use of Hard-coded Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T01:02:06.989Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-339075 | Tenda i24 Shadow File hard-coded credentials",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.339075"
},
{
"name": "VDB-339075 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.339075"
},
{
"name": "Submit #727155 | Tenda Tenda i24v3.0 V3.0.0.8(4008) V3.0.0.8(4008) Hard-coded Credentials",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727155"
},
{
"name": "Submit #727283 | Tenda 4G03ProV1.0re V04.03.01.49 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727283"
},
{
"name": "Submit #727284 | Tenda 4G05V1.0re V04.05.01.15 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727284"
},
{
"name": "Submit #727285 | Tenda 4G08V1.0re V04.08.01.28 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727285"
},
{
"name": "Submit #727302 | Tenda G0-8G-PoEV2.0si V16.01.8.5 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727302"
},
{
"name": "Submit #727305 | Tenda MW5GV1.0re V1.0.0.35 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727305"
},
{
"name": "Submit #727306 | Tenda TEG5328FV1.0ma V65.10.15.6 Hard-coded Credentials (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727306"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/vuln-1/vuln/blob/main/Tenda/i24v3.0_V3.0.0.8/report-1.md"
},
{
"tags": [
"product"
],
"url": "https://www.tenda.com.cn/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-30T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-12-30T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-12-30T19:37:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "Tenda i24 Shadow File hard-coded credentials"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15371",
"datePublished": "2025-12-31T01:02:06.989Z",
"dateReserved": "2025-12-30T17:35:13.980Z",
"dateUpdated": "2026-01-02T14:38:01.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
VAR-202504-3170
Vulnerability from variot - Updated: 2025-08-02 23:15A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Attackers can exploit this vulnerability to execute code and control the affected device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202504-3170",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "w12",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.5(3644)"
},
{
"model": "w12",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.4(2887)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09681"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"cve": "CVE-2025-3803",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "cna@vuldb.com",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2025-3803",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "OTHER",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2025-010306",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-09681",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2025-3803",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-010306",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2025-3803",
"trust": 1.0,
"value": "High"
},
{
"author": "OTHER",
"id": "JVNDB-2025-010306",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-09681",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09681"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Attackers can exploit this vulnerability to execute code and control the affected device",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-3803"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"db": "CNVD",
"id": "CNVD-2025-09681"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-3803",
"trust": 3.2
},
{
"db": "VULDB",
"id": "305657",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010306",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-09681",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09681"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"id": "VAR-202504-3170",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09681"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09681"
}
]
},
"last_update_date": "2025-08-02T23:15:47.059000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [ others ]",
"trust": 0.8
},
{
"problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://github.com/02tn/vul/issues/3"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?id.305657"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?submit.554756"
},
{
"trust": 1.8,
"url": "https://www.tenda.com.cn/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-3803"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?ctiid.305657"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09681"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-09681"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09681"
},
{
"date": "2025-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"date": "2025-04-19T15:15:47.040000",
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09681"
},
{
"date": "2025-07-31T03:19:00",
"db": "JVNDB",
"id": "JVNDB-2025-010306"
},
{
"date": "2025-07-30T18:57:31.417000",
"db": "NVD",
"id": "CVE-2025-3803"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010306"
}
],
"trust": 0.8
}
}
VAR-202504-3237
Vulnerability from variot - Updated: 2025-08-02 23:13A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the failure of the parameter json in /goform/modules to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202504-3237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "w12",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.5(3644)"
},
{
"model": "w12",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.4(2887)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"cve": "CVE-2025-4007",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "cna@vuldb.com",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2025-4007",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "OTHER",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2025-010304",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-09669",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2025-4007",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-010304",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2025-4007",
"trust": 1.0,
"value": "High"
},
{
"author": "OTHER",
"id": "JVNDB-2025-010304",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-09669",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the failure of the parameter json in /goform/modules to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-4007"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"db": "CNVD",
"id": "CNVD-2025-09669"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-4007",
"trust": 3.2
},
{
"db": "VULDB",
"id": "306343",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010304",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-09669",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"id": "VAR-202504-3237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
}
]
},
"last_update_date": "2025-08-02T23:13:09.550000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Tenda W12/i24 Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/687681"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [ others ]",
"trust": 0.8
},
{
"problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://github.com/02tn/vul/issues/5"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?id.306343"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?submit.558165"
},
{
"trust": 1.8,
"url": "https://www.tenda.com.cn/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-4007"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?ctiid.306343"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-09669"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09669"
},
{
"date": "2025-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"date": "2025-04-28T08:15:16.117000",
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09669"
},
{
"date": "2025-07-31T03:19:00",
"db": "JVNDB",
"id": "JVNDB-2025-010304"
},
{
"date": "2025-07-30T18:57:09.823000",
"db": "NVD",
"id": "CVE-2025-4007"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010304"
}
],
"trust": 0.8
}
}
VAR-202504-3167
Vulnerability from variot - Updated: 2025-08-02 23:09A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by improper handling of cgiSysUplinkCheckSet. Attackers can exploit this vulnerability to execute arbitrary code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202504-3167",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "w12",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.5(3644)"
},
{
"model": "w12",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.4(2887)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09682"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"cve": "CVE-2025-3820",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "cna@vuldb.com",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2025-3820",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "OTHER",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2025-010305",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-09682",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2025-3820",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-010305",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2025-3820",
"trust": 1.0,
"value": "High"
},
{
"author": "OTHER",
"id": "JVNDB-2025-010305",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-09682",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09682"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by improper handling of cgiSysUplinkCheckSet. Attackers can exploit this vulnerability to execute arbitrary code",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-3820"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"db": "CNVD",
"id": "CNVD-2025-09682"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-3820",
"trust": 3.2
},
{
"db": "VULDB",
"id": "305726",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010305",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-09682",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09682"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"id": "VAR-202504-3167",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09682"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09682"
}
]
},
"last_update_date": "2025-08-02T23:09:37.510000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [ others ]",
"trust": 0.8
},
{
"problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://github.com/02tn/vul/issues/4"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?id.305726"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?submit.555728"
},
{
"trust": 1.8,
"url": "https://www.tenda.com.cn/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-3820"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?ctiid.305726"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09682"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-09682"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09682"
},
{
"date": "2025-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"date": "2025-04-19T21:15:45.660000",
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09682"
},
{
"date": "2025-07-31T03:19:00",
"db": "JVNDB",
"id": "JVNDB-2025-010305"
},
{
"date": "2025-07-30T18:57:54.207000",
"db": "NVD",
"id": "CVE-2025-3820"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010305"
}
],
"trust": 0.8
}
}
VAR-202504-3188
Vulnerability from variot - Updated: 2025-08-02 23:09A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. No detailed vulnerability details are provided at present
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202504-3188",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.4\\(2887\\)"
},
{
"model": "w12",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "3.0.0.5\\(3644\\)"
},
{
"model": "w12",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.5(3644)"
},
{
"model": "w12",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "3.0.0.4(2887)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09677"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"cve": "CVE-2025-3802",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "cna@vuldb.com",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2025-3802",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "OTHER",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2025-010307",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2025-09677",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@vuldb.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2025-3802",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-010307",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "cna@vuldb.com",
"id": "CVE-2025-3802",
"trust": 1.0,
"value": "High"
},
{
"author": "OTHER",
"id": "JVNDB-2025-010307",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2025-09677",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09677"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. No detailed vulnerability details are provided at present",
"sources": [
{
"db": "NVD",
"id": "CVE-2025-3802"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"db": "CNVD",
"id": "CNVD-2025-09677"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2025-3802",
"trust": 3.2
},
{
"db": "VULDB",
"id": "305656",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010307",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-09677",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09677"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"id": "VAR-202504-3188",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09677"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09677"
}
]
},
"last_update_date": "2025-08-02T23:09:37.487000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "CWE-121",
"trust": 1.0
},
{
"problemtype": "Buffer error (CWE-119) [ others ]",
"trust": 0.8
},
{
"problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://github.com/02tn/vul/issues/2"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?id.305656"
},
{
"trust": 1.8,
"url": "https://vuldb.com/?submit.554746"
},
{
"trust": 1.8,
"url": "https://www.tenda.com.cn/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2025-3802"
},
{
"trust": 1.0,
"url": "https://vuldb.com/?ctiid.305656"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09677"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-09677"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09677"
},
{
"date": "2025-07-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"date": "2025-04-19T15:15:46.073000",
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09677"
},
{
"date": "2025-07-31T03:19:00",
"db": "JVNDB",
"id": "JVNDB-2025-010307"
},
{
"date": "2025-07-30T18:57:42.063000",
"db": "NVD",
"id": "CVE-2025-3802"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-010307"
}
],
"trust": 0.8
}
}
VAR-202501-2163
Vulnerability from variot - Updated: 2025-05-15 23:17Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. Shenzhen Tenda Technology Co.,Ltd. of i24 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202501-2163",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i24",
"scope": "eq",
"trust": 1.0,
"vendor": "tenda",
"version": "2.0.0.5"
},
{
"model": "i24",
"scope": "eq",
"trust": 0.8,
"vendor": "tenda",
"version": "i24 firmware 2.0.0.5"
},
{
"model": "i24",
"scope": "eq",
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": null,
"trust": 0.8,
"vendor": "tenda",
"version": null
},
{
"model": "i24",
"scope": "eq",
"trust": 0.6,
"vendor": "tenda",
"version": "v2.0.0.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09692"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"cve": "CVE-2024-57483",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2025-09692",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-57483",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2025-003526",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-57483",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2025-003526",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2025-09692",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09692"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. Shenzhen Tenda Technology Co.,Ltd. of i24 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-57483"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"db": "CNVD",
"id": "CNVD-2025-09692"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-57483",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2025-003526",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2025-09692",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09692"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"id": "VAR-202501-2163",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09692"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09692"
}
]
},
"last_update_date": "2025-05-15T23:17:27.035000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://tenda.com"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-57483"
},
{
"trust": 1.0,
"url": "https://gist.github.com/xiaocurry/7dd5c6ab5af9df49883535b997cef7a4"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2025-09692"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2025-09692"
},
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09692"
},
{
"date": "2025-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"date": "2025-01-14T23:15:09.060000",
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2025-05-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2025-09692"
},
{
"date": "2025-04-16T07:10:00",
"db": "JVNDB",
"id": "JVNDB-2025-003526"
},
{
"date": "2025-04-09T18:32:38.667000",
"db": "NVD",
"id": "CVE-2024-57483"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0i24\u00a0 Classic buffer overflow vulnerability in firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2025-003526"
}
],
"trust": 0.8
}
}