Tenda RX3 Buffer Overflow Vulnerability in PPTP Server Configuration

Vulnerability

A buffer overflow vulnerability has been identified in the Tenda RX3 router, specifically in the US_RX3V1.0br_V16.03.13.11_multi_TDE01 version. The issue arises in the '/goform/SetPptpServerCfg' endpoint, where the 'startIp' and 'endIp' parameters can be manipulated. This vulnerability allows attackers to craft packets that cause a denial-of-service condition on the device.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the device to become unresponsive or unavailable.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda RX3 Buffer Overflow Vulnerability in PPTP Server Configuration

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating