Tenda O3V2 Stack-Based Buffer Overflow Vulnerability
Vulnerability
A critical stack-based buffer overflow vulnerability has been identified in the Tenda O3V2 router, firmware version 1.0.0.12(3880). The issue is in the httpd component, in the function fromPingResultGet, which is reached through the /goform/setPing endpoint. It can be exploited remotely by manipulating the destIP argument, potentially leading to arbitrary code execution.
Impact
Exploitation of this vulnerability causes a stack-based buffer overflow, allowing for arbitrary code execution on the affected device.
Reproduction
The vulnerability can be reproduced by sending a crafted ping request to the router's httpd service, specifically targeting the /goform/setPing endpoint. The destIP parameter must carry a value that exceeds the buffer size, which overflows the stack buffer. This can be done remotely, without any authentication.
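The defensive counterpart to the over-long destIP value described above is a bounded, validated copy. The C sketch below is an added example, not code from the Tenda firmware or from this advisory. The helper name copy_dest_ip, the status codes and the sample inputs are hypothetical, and it assumes destIP is meant to hold an IPv4 dotted quad, so that INET_ADDRSTRLEN bytes are enough for any legitimate value.

```c
#include <arpa/inet.h>   /* inet_pton, INET_ADDRSTRLEN, struct in_addr */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum dest_status { DEST_OK, DEST_MISSING, DEST_TOO_LONG, DEST_NOT_IPV4 };

/*
 * Hypothetical helper (not firmware code): validate a request-supplied
 * destIP value and copy it into a fixed-size buffer.
 * Assumption: the field holds an IPv4 dotted quad.
 */
enum dest_status copy_dest_ip(const char *input, char out[INET_ADDRSTRLEN])
{
    struct in_addr parsed;
    size_t n = 0;

    out[0] = '\0';                      /* buffer is always a valid string */
    if (input == NULL || input[0] == '\0')
        return DEST_MISSING;

    /* Bounded scan: never read or count past the space we actually have. */
    while (n < INET_ADDRSTRLEN && input[n] != '\0')
        n++;
    if (n == INET_ADDRSTRLEN)
        return DEST_TOO_LONG;           /* reject outright, do not truncate */

    /* Syntax check: only a well-formed dotted quad is passed on. */
    if (inet_pton(AF_INET, input, &parsed) != 1)
        return DEST_NOT_IPV4;

    memcpy(out, input, n + 1);          /* n + 1 <= INET_ADDRSTRLEN, proven above */
    return DEST_OK;
}

int main(void)
{
    char buf[INET_ADDRSTRLEN];
    char oversized[600];                /* constructed over-long sample value */

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("valid address -> %d\n", copy_dest_ip("192.168.1.10", buf));
    printf("over-long     -> %d\n", copy_dest_ip(oversized, buf));
    return 0;
}
```

Rejecting the over-long value instead of truncating it keeps a malformed request from ever reaching the code that runs the ping.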
