Primary

Context

Tenda W12 Null Pointer Dereference Vulnerability in HTTP Request Handler

Vulnerability

A null pointer dereference vulnerability has been identified in the Tenda W12 access point running firmware version 3.0.0.6(3948). The issue arises in the HTTP request handler's 'wifiScheduledSet' function, where the application improperly validates user-controlled JSON input. This flaw allows remote attackers to send malformed HTTP requests that cause a denial-of-service condition by dereferencing a null pointer.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the device to crash or become unresponsive.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/goform/modules' endpoint with a JSON payload that includes an empty 'wifiScheduledSet' object. The absence of a valid 'scheduledList' field in the payload triggers the null pointer dereference.

Added: Oct 9, 2025, 6:20 PM

Updated: Oct 9, 2025, 8:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda W12 Null Pointer Dereference Vulnerability in HTTP Request Handler

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating