CVE-2025-1898
Published: 04 March 2025
Summary
CVE-2025-1898 is a medium-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda Tx3 Firmware. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004); ranked at the 21.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-10 requires validation of information inputs like schedStartTime and schedEndTime parameters, directly preventing the buffer overflow triggered by malformed arguments in /goform/openSchedWifi.
SI-16 implements memory protections such as address space layout randomization or stack canaries that mitigate exploitation of the buffer overflow vulnerability for arbitrary code execution or crashes.
SI-2 ensures timely identification, reporting, and remediation of flaws like this critical buffer overflow in Tenda TX3 firmware version 16.03.13.11_multi through patching.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in Tenda TX3 router web interface (/goform/openSchedWifi) via crafted schedStartTime/schedEndTime parameters enables remote denial of service by crashing the application, directly facilitating T1499.004 (Application or System Exploitation).
NVD Description
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely.…
more
The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-1898 is a critical buffer overflow vulnerability (CWE-119, CWE-120) affecting Tenda TX3 router firmware version 16.03.13.11_multi. The flaw exists in an unknown function of the /goform/openSchedWifi file, where manipulation of the schedStartTime and schedEndTime arguments triggers the overflow. Published on 2025-03-04, it carries a CVSSv3.1 base score of 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
The vulnerability enables remote exploitation over the network with low complexity and no user interaction required. Attackers need low privileges, such as those of an authenticated user, to submit crafted requests targeting the vulnerable arguments. Successful exploitation leads to high availability impact (A:H), typically resulting in denial-of-service conditions like device crashes or reboots, with no direct confidentiality or integrity effects.
Advisories on VulDB detail the issue (ctiid.298416, id.298416, submit.506606), and a proof-of-concept exploit is publicly disclosed in a PDF at github.com/2664521593/mycve/blob/main/Tenda/TX3/tenda_tx3_bof_4.pdf. The Tenda vendor site (tenda.com.cn) should be consulted for any patches or mitigation guidance.
Details
- CWE(s)