Primary

Context

Tenda O3 Stack-Based Buffer Overflow Vulnerability

Vulnerability

Patched

A stack-based buffer overflow vulnerability has been identified in the Tenda O3 router, specifically in the firmware version 1.0.0.10(2478). The issue arises in the '/goform/setDhcpConfig' endpoint, where the 'dhcpEn' parameter is accepted without proper length or content validation. This vulnerability can be exploited remotely, leading to potential arbitrary code execution.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can lead to arbitrary code execution.

Reproduction

To reproduce this vulnerability, send a POST request to the '/goform/setDhcpConfig' endpoint with a 'dhcpEn' parameter containing a payload of excessive length. This unvalidated input is then stored and retrieved via the '/goform/getDhcpConfig' endpoint, where the overflow occurs on the stack.

Added: Oct 27, 2025, 3:19 AM

Updated: Oct 27, 2025, 3:19 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

9.1

remediation

7.7

relevance

0.8

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

9.1

remediation

7.7

relevance

0.8

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda O3 Stack-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Tenda O3

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating