Cyber Resilience

CVE-2025-12214

HighPublic PoC

Published: 27 October 2025

Published
27 October 2025
Modified
24 February 2026
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0027 50.9th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-12214 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda O3 Firmware1.0.0.10\(2478\). Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 49.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-12214 is a stack-based buffer overflow vulnerability affecting the Tenda O3 router on firmware version 1.0.0.10(2478). The flaw exists in the SetValue and GetValue functions of the /goform/sysAutoReboot file, where manipulation of the "enable" argument triggers the overflow. This issue, linked to CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), was published on 2025-10-27 and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

An attacker with low privileges can exploit this vulnerability remotely with low complexity and no user interaction required. Successful exploitation grants high-impact access to confidentiality, integrity, and availability, potentially allowing arbitrary code execution on the affected device.

Advisories and references include a GitHub repository detailing the exploit for Tenda O3 v2.0 sysAutoReboot, VulDB entries (CTI ID 329884, ID 329884, submit 673269), and the official Tenda website. The exploit is publicly available and may be used, but no specific patches or mitigations are outlined in the provided details.

The public availability of the exploit underscores the urgency for Tenda O3 users to monitor vendor updates and apply any forthcoming firmware patches.

EU & UK References

Vulnerability details

A vulnerability was detected in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing a manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now…

more

public and may be used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Stack-based buffer overflow in remotely accessible web endpoint (/goform/sysAutoReboot) on Tenda O3 router enables remote exploitation of a public-facing application.

CVEs Like This One

CVE-2025-12212Same product: Tenda O3
CVE-2025-12211Same product: Tenda O3
CVE-2025-12209Same product: Tenda O3
CVE-2025-12210Same product: Tenda O3
CVE-2025-12213Same product: Tenda O3
CVE-2025-7417Same product: Tenda O3
CVE-2025-7418Same product: Tenda O3
CVE-2025-7422Same product: Tenda O3
CVE-2025-7419Same product: Tenda O3
CVE-2025-7423Same product: Tenda O3

Affected Assets

tenda
o3 firmware1.0.0.10\(2478\)
all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely remediation of the specific stack-based buffer overflow flaw in the Tenda O3 firmware's /goform/sysAutoReboot functions.

prevent

Mandates validation of the 'enable' argument to block improper inputs causing the buffer overflow in SetValue/GetValue functions.

prevent

Provides memory safeguards like stack protections to block unauthorized code execution from the stack-based buffer overflow.

References