CVE-2025-25678

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 20, 2025

Updated: Feb 21, 2025

CWE ID 120

Summary

CVE-2025-25678 is a newly disclosed buffer overflow vulnerability affecting Tenda i12 V1.0.0.10(3805). The issue arises due to an incorrect handling of input in the formSetCfm function, which results in a buffer overflow. An attacker could exploit this vulnerability by sending specially crafted data to the affected device, potentially leading to arbitrary code execution and serious security implications. Users are strongly urged to update their devices to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3IEfAt
https://www.cve.org/CVERecord?id=CVE-2025-25678
https://nvd.nist.gov/vuln/detail/CVE-2025-25678

Back to Vulnerability Database

CVE-2025-25678

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations