Sign-up

ID

VAR-202504-3237


CVE

CVE-2025-4007


TITLE

Tenda W12/i24 Buffer Overflow Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-09669

DESCRIPTION

A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vulnerability is caused by the failure of the parameter json in /goform/modules to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Trust: 1.44

sources: NVD: CVE-2025-4007 // CNVD: CNVD-2025-09669

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-09669

AFFECTED PRODUCTS

vendor:tendamodel:i24scope:eqversion:3.0.0.5(3644)

Trust: 0.6

vendor:tendamodel:w12scope:eqversion:3.0.0.4(2887)

Trust: 0.6

sources: CNVD: CNVD-2025-09669

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-4007
value: HIGH

Trust: 1.0

CNVD: CNVD-2025-09669
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-4007
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-09669
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-4007
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-09669 // NVD: CVE-2025-4007

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-121

Trust: 1.0

sources: NVD: CVE-2025-4007

PATCH

title:Patch for Tenda W12/i24 Buffer Overflow Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/687681

Trust: 0.6

sources: CNVD: CNVD-2025-09669

EXTERNAL IDS

db:NVDid:CVE-2025-4007

Trust: 1.6

db:VULDBid:306343

Trust: 1.0

db:CNVDid:CNVD-2025-09669

Trust: 0.6

sources: CNVD: CNVD-2025-09669 // NVD: CVE-2025-4007

REFERENCES

url:https://github.com/02tn/vul/issues/5

Trust: 1.0

url:https://www.tenda.com.cn/

Trust: 1.0

url:https://vuldb.com/?ctiid.306343

Trust: 1.0

url:https://vuldb.com/?submit.558165

Trust: 1.0

url:https://vuldb.com/?id.306343

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-4007

Trust: 0.6

sources: CNVD: CNVD-2025-09669 // NVD: CVE-2025-4007

SOURCES

db:CNVDid:CNVD-2025-09669
db:NVDid:CVE-2025-4007

LAST UPDATE DATE

2025-05-15T23:18:38.022000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-09669date:2025-05-14T00:00:00
db:NVDid:CVE-2025-4007date:2025-04-29T13:52:10.697

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-09669date:2025-05-13T00:00:00
db:NVDid:CVE-2025-4007date:2025-04-28T08:15:16.117