Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for i24 by tenda

    VAR-202603-3180

    Vulnerability from variot - Updated: 2026-04-11 00:08

    Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.

    Show details on source website

    {
      "affected_products": {
        "_id": null,
        "data": [
          {
            "_id": null,
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798"
          }
        ]
      },
      "cve": "CVE-2025-70798",
      "cvss": {
        "_id": null,
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "HIGH",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.5,
                "id": "CVE-2025-70798",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2025-70798",
                "trust": 1.0,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798"
          }
        ]
      },
      "description": {
        "_id": null,
        "data": "Tenda i24V3.0si V3.0.0.5 Firmware V3.0.0.5 was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798"
          }
        ],
        "trust": 1.0
      },
      "external_ids": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798"
          }
        ]
      },
      "id": "VAR-202603-3180",
      "iot": {
        "_id": null,
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.6666667
      },
      "last_update_date": "2026-04-11T00:08:48.958000Z",
      "problemtype_data": {
        "_id": null,
        "data": [
          {
            "problemtype": "CWE-259",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798"
          }
        ]
      },
      "references": {
        "_id": null,
        "data": [
          {
            "trust": 1.0,
            "url": "https://github.com/vuln-1/vuln/blob/main/tenda/i24v3.0si_v3.0.0.5/report-1.md"
          },
          {
            "trust": 1.0,
            "url": "https://www.tendacn.com/"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798"
          }
        ]
      },
      "sources": {
        "_id": null,
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-70798",
            "ident": null
          }
        ]
      },
      "sources_release_date": {
        "_id": null,
        "data": [
          {
            "date": "2026-03-10T21:16:42.233000",
            "db": "NVD",
            "id": "CVE-2025-70798",
            "ident": null
          }
        ]
      },
      "sources_update_date": {
        "_id": null,
        "data": [
          {
            "date": "2026-04-09T20:27:36.003000",
            "db": "NVD",
            "id": "CVE-2025-70798",
            "ident": null
          }
        ]
      }
    }

    VAR-202504-3170

    Vulnerability from variot - Updated: 2025-08-02 23:15

    A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Attackers can exploit this vulnerability to execute code and control the affected device

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202504-3170",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "w12",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.5(3644)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.4(2887)"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "cve": "CVE-2025-3803",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-3803",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010306",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-09681",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-3803",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010306",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-3803",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-010306",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-09681",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Attackers can exploit this vulnerability to execute code and control the affected device",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-3803"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-3803",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "305657",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "id": "VAR-202504-3170",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          }
        ]
      },
      "last_update_date": "2025-08-02T23:15:47.059000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/02tn/vul/issues/3"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.305657"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.554756"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-3803"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.305657"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          },
          {
            "date": "2025-07-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "date": "2025-04-19T15:15:47.040000",
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09681"
          },
          {
            "date": "2025-07-31T03:19:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          },
          {
            "date": "2025-07-30T18:57:31.417000",
            "db": "NVD",
            "id": "CVE-2025-3803"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010306"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202504-3237

    Vulnerability from variot - Updated: 2025-08-02 23:13

    A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the failure of the parameter json in /goform/modules to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202504-3237",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "w12",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.5(3644)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.4(2887)"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "cve": "CVE-2025-4007",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-4007",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010304",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-09669",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-4007",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010304",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-4007",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-010304",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-09669",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by the failure of the parameter json in /goform/modules to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-4007"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-4007",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "306343",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "id": "VAR-202504-3237",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          }
        ]
      },
      "last_update_date": "2025-08-02T23:13:09.550000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Patch for Tenda W12/i24 Buffer Overflow Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/687681"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/02tn/vul/issues/5"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.306343"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.558165"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-4007"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.306343"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          },
          {
            "date": "2025-07-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "date": "2025-04-28T08:15:16.117000",
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09669"
          },
          {
            "date": "2025-07-31T03:19:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          },
          {
            "date": "2025-07-30T18:57:09.823000",
            "db": "NVD",
            "id": "CVE-2025-4007"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010304"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202504-3167

    Vulnerability from variot - Updated: 2025-08-02 23:09

    A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by improper handling of cgiSysUplinkCheckSet. Attackers can exploit this vulnerability to execute arbitrary code

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202504-3167",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "w12",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.5(3644)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.4(2887)"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "cve": "CVE-2025-3820",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-3820",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010305",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-09682",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-3820",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010305",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-3820",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-010305",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-09682",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644) and classified as critical. Affected by this issue is the function cgiSysUplinkCheckSet of the file /bin/httpd. The manipulation of the argument hostIp1/hostIp2 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The vulnerability is caused by improper handling of cgiSysUplinkCheckSet. Attackers can exploit this vulnerability to execute arbitrary code",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-3820"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-3820",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "305726",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "id": "VAR-202504-3167",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          }
        ]
      },
      "last_update_date": "2025-08-02T23:09:37.510000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/02tn/vul/issues/4"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.305726"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.555728"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-3820"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.305726"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          },
          {
            "date": "2025-07-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "date": "2025-04-19T21:15:45.660000",
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09682"
          },
          {
            "date": "2025-07-31T03:19:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          },
          {
            "date": "2025-07-30T18:57:54.207000",
            "db": "NVD",
            "id": "CVE-2025-3820"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010305"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202504-3188

    Vulnerability from variot - Updated: 2025-08-02 23:09

    A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. No detailed vulnerability details are provided at present

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202504-3188",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.4\\(2887\\)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "3.0.0.5\\(3644\\)"
          },
          {
            "model": "w12",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.5(3644)"
          },
          {
            "model": "w12",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "3.0.0.4(2887)"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "cve": "CVE-2025-3802",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "cna@vuldb.com",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2025-3802",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "OTHER",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010307",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2025-09677",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "cna@vuldb.com",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2025-3802",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-010307",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "Low",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "cna@vuldb.com",
                "id": "CVE-2025-3802",
                "trust": 1.0,
                "value": "High"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-010307",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-09677",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This vulnerability affects the function cgiPingSet of the file /bin/httpd. The manipulation of the argument pingIP leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of W12 firmware and i24 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. No detailed vulnerability details are provided at present",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-3802"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-3802",
            "trust": 3.2
          },
          {
            "db": "VULDB",
            "id": "305656",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "id": "VAR-202504-3188",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          }
        ]
      },
      "last_update_date": "2025-08-02T23:09:37.487000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://github.com/02tn/vul/issues/2"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?id.305656"
          },
          {
            "trust": 1.8,
            "url": "https://vuldb.com/?submit.554746"
          },
          {
            "trust": 1.8,
            "url": "https://www.tenda.com.cn/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-3802"
          },
          {
            "trust": 1.0,
            "url": "https://vuldb.com/?ctiid.305656"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          },
          {
            "date": "2025-07-31T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "date": "2025-04-19T15:15:46.073000",
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09677"
          },
          {
            "date": "2025-07-31T03:19:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          },
          {
            "date": "2025-07-30T18:57:42.063000",
            "db": "NVD",
            "id": "CVE-2025-3802"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0W12\u00a0 firmware and \u00a0i24\u00a0 Buffer error vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-010307"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202501-2163

    Vulnerability from variot - Updated: 2025-05-15 23:17

    Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. Shenzhen Tenda Technology Co.,Ltd. of i24 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202501-2163",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "i24",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "tenda",
            "version": "2.0.0.5"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": "i24  firmware  2.0.0.5"
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": null,
            "trust": 0.8,
            "vendor": "tenda",
            "version": null
          },
          {
            "model": "i24",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "tenda",
            "version": "v2.0.0.5"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "cve": "CVE-2024-57483",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2025-09692",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2024-57483",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-003526",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                "id": "CVE-2024-57483",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-003526",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2025-09692",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function. Shenzhen Tenda Technology Co.,Ltd. of i24 Firmware has a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-57483"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-57483",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "id": "VAR-202501-2163",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          }
        ],
        "trust": 0.06
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          }
        ]
      },
      "last_update_date": "2025-05-15T23:17:27.035000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "Classic buffer overflow (CWE-120) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "http://tenda.com"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-57483"
          },
          {
            "trust": 1.0,
            "url": "https://gist.github.com/xiaocurry/7dd5c6ab5af9df49883535b997cef7a4"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          },
          {
            "date": "2025-04-16T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "date": "2025-01-14T23:15:09.060000",
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-05-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2025-09692"
          },
          {
            "date": "2025-04-16T07:10:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          },
          {
            "date": "2025-04-09T18:32:38.667000",
            "db": "NVD",
            "id": "CVE-2024-57483"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Shenzhen\u00a0Tenda\u00a0Technology\u00a0Co.,Ltd.\u00a0 of \u00a0i24\u00a0 Classic buffer overflow vulnerability in firmware",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-003526"
          }
        ],
        "trust": 0.8
      }
    }

    CVE-2025-15371 (GCVE-0-2025-15371)

    Vulnerability from nvd – Published: 2025-12-31 01:02 – Updated: 2026-01-02 14:38
    VLAI
    Title
    Tenda i24 Shadow File hard-coded credentials
    Summary
    A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Hard-coded Credentials
    • CWE-259 - Use of Hard-coded Password
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.339075 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.339075 signaturepermissions-required
    https://vuldb.com/?submit.727155 third-party-advisory
    https://vuldb.com/?submit.727283 third-party-advisory
    https://vuldb.com/?submit.727284 third-party-advisory
    https://vuldb.com/?submit.727285 third-party-advisory
    https://vuldb.com/?submit.727302 third-party-advisory
    https://vuldb.com/?submit.727305 third-party-advisory
    https://vuldb.com/?submit.727306 third-party-advisory
    https://github.com/vuln-1/vuln/blob/main/Tenda/i2… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda i24 Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda 4G03 Pro Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda 4G05 Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda 4G08 Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda G0-8G-PoE Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda Nova MW5G Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda TEG5328F Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Credits
    vlun-1 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-15371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-02T14:22:55.128847Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-02T14:38:01.600Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Shadow File"
              ],
              "product": "i24",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "4G03 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "4G05",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "4G08",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "G0-8G-PoE",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "Nova MW5G",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "TEG5328F",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "vlun-1 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.8,
                "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-259",
                  "description": "Use of Hard-coded Password",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-31T01:02:06.989Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-339075 | Tenda i24 Shadow File hard-coded credentials",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.339075"
            },
            {
              "name": "VDB-339075 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.339075"
            },
            {
              "name": "Submit #727155 | Tenda Tenda i24v3.0 V3.0.0.8(4008) V3.0.0.8(4008) Hard-coded Credentials",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727155"
            },
            {
              "name": "Submit #727283 | Tenda  4G03ProV1.0re V04.03.01.49 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727283"
            },
            {
              "name": "Submit #727284 | Tenda 4G05V1.0re V04.05.01.15 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727284"
            },
            {
              "name": "Submit #727285 | Tenda 4G08V1.0re V04.08.01.28 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727285"
            },
            {
              "name": "Submit #727302 | Tenda G0-8G-PoEV2.0si V16.01.8.5 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727302"
            },
            {
              "name": "Submit #727305 | Tenda MW5GV1.0re V1.0.0.35 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727305"
            },
            {
              "name": "Submit #727306 | Tenda TEG5328FV1.0ma V65.10.15.6 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727306"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/vuln-1/vuln/blob/main/Tenda/i24v3.0_V3.0.0.8/report-1.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-30T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-12-30T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-12-30T19:37:46.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda i24 Shadow File hard-coded credentials"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-15371",
        "datePublished": "2025-12-31T01:02:06.989Z",
        "dateReserved": "2025-12-30T17:35:13.980Z",
        "dateUpdated": "2026-01-02T14:38:01.600Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-15371 (GCVE-0-2025-15371)

    Vulnerability from cvelistv5 – Published: 2025-12-31 01:02 – Updated: 2026-01-02 14:38
    VLAI
    Title
    Tenda i24 Shadow File hard-coded credentials
    Summary
    A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-798 - Hard-coded Credentials
    • CWE-259 - Use of Hard-coded Password
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.339075 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.339075 signaturepermissions-required
    https://vuldb.com/?submit.727155 third-party-advisory
    https://vuldb.com/?submit.727283 third-party-advisory
    https://vuldb.com/?submit.727284 third-party-advisory
    https://vuldb.com/?submit.727285 third-party-advisory
    https://vuldb.com/?submit.727302 third-party-advisory
    https://vuldb.com/?submit.727305 third-party-advisory
    https://vuldb.com/?submit.727306 third-party-advisory
    https://github.com/vuln-1/vuln/blob/main/Tenda/i2… exploit
    https://www.tenda.com.cn/ product
    Impacted products
    Vendor Product Version
    Tenda i24 Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda 4G03 Pro Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda 4G05 Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda 4G08 Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda G0-8G-PoE Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda Nova MW5G Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Tenda TEG5328F Affected: 1.0.0.35
    Affected: 3.0.0.8(4008)
    Affected: 04.03.01.49
    Affected: 04.05.01.15
    Affected: 04.08.01.28
    Affected: 16.01.8.5
    Affected: 65.10.15.6
    Create a notification for this product.
    Credits
    vlun-1 (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-15371",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-01-02T14:22:55.128847Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-02T14:38:01.600Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Shadow File"
              ],
              "product": "i24",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "4G03 Pro",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "4G05",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "4G08",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "G0-8G-PoE",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "Nova MW5G",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            },
            {
              "modules": [
                "Shadow File"
              ],
              "product": "TEG5328F",
              "vendor": "Tenda",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.0.8(4008)"
                },
                {
                  "status": "affected",
                  "version": "04.03.01.49"
                },
                {
                  "status": "affected",
                  "version": "04.05.01.15"
                },
                {
                  "status": "affected",
                  "version": "04.08.01.28"
                },
                {
                  "status": "affected",
                  "version": "16.01.8.5"
                },
                {
                  "status": "affected",
                  "version": "65.10.15.6"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "vlun-1 (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0-8G-PoE, Nova MW5G and TEG5328F up to 65.10.15.6. Affected is an unknown function of the component Shadow File. Such manipulation with the input Fireitup leads to hard-coded credentials. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.8,
                "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-259",
                  "description": "Use of Hard-coded Password",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-31T01:02:06.989Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-339075 | Tenda i24 Shadow File hard-coded credentials",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.339075"
            },
            {
              "name": "VDB-339075 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.339075"
            },
            {
              "name": "Submit #727155 | Tenda Tenda i24v3.0 V3.0.0.8(4008) V3.0.0.8(4008) Hard-coded Credentials",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727155"
            },
            {
              "name": "Submit #727283 | Tenda  4G03ProV1.0re V04.03.01.49 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727283"
            },
            {
              "name": "Submit #727284 | Tenda 4G05V1.0re V04.05.01.15 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727284"
            },
            {
              "name": "Submit #727285 | Tenda 4G08V1.0re V04.08.01.28 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727285"
            },
            {
              "name": "Submit #727302 | Tenda G0-8G-PoEV2.0si V16.01.8.5 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727302"
            },
            {
              "name": "Submit #727305 | Tenda MW5GV1.0re V1.0.0.35 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727305"
            },
            {
              "name": "Submit #727306 | Tenda TEG5328FV1.0ma V65.10.15.6 Hard-coded Credentials (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.727306"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/vuln-1/vuln/blob/main/Tenda/i24v3.0_V3.0.0.8/report-1.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tenda.com.cn/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-30T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-12-30T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-12-30T19:37:46.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Tenda i24 Shadow File hard-coded credentials"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-15371",
        "datePublished": "2025-12-31T01:02:06.989Z",
        "dateReserved": "2025-12-30T17:35:13.980Z",
        "dateUpdated": "2026-01-02T14:38:01.600Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }