CVE-2025-12210
Published: 27 October 2025
Summary
CVE-2025-12210 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda O3 Firmware1.0.0.10\(2478\). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 37.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the stack-based buffer overflow by enforcing input validation on the lanIp argument in the SetValue/GetValue functions to prevent exceeding memory bounds.
Provides memory protections such as non-executable stacks and ASLR that comprehensively hinder exploitation of stack-based buffer overflows even if invalid input occurs.
Ensures timely identification, reporting, and patching of the specific buffer overflow flaw in Tenda O3 firmware to prevent exploitation and restore system integrity.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Stack-based buffer overflow in the remotely accessible web endpoint (/goform/AdvSetLanip) of the Tenda O3 router enables remote exploitation of a public-facing application.
NVD Description
A vulnerability was identified in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The…
more
exploit is publicly available and might be used.
Deeper analysisAI
CVE-2025-12210 is a stack-based buffer overflow vulnerability affecting the Tenda O3 router on firmware version 1.0.0.10(2478). The flaw resides in the SetValue and GetValue functions within the /goform/AdvSetLanip file, where manipulation of the lanIp argument triggers the overflow. This issue corresponds to CWEs-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow).
The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity. A remote attacker with low privileges can exploit it over the network with low complexity and no user interaction required. Successful exploitation could result in high impacts to confidentiality, integrity, and availability, potentially enabling remote code execution.
References include a GitHub repository hosting a publicly available exploit at https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/AdvSetLanip.md, along with VulDB entries at https://vuldb.com/?ctiid.329880, https://vuldb.com/?id.329880, and https://vuldb.com/?submit.673264. The Tenda website at https://www.tenda.com.cn/ is also referenced, though no specific mitigation or patch details are outlined in the provided information.
Details
- CWE(s)