CVE-2025-29360
Published: 13 March 2025
Summary
CVE-2025-29360 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Tenda Rx3 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 29.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Requires validation of time and timeZone parameters to prevent buffer overflow exploitation at the /goform/SetSysTimeCfg endpoint.
Mandates timely remediation of the buffer overflow flaw through firmware patching or upgrades for the affected Tenda RX3 version.
Provides denial-of-service protections such as rate limiting or traffic filtering to mitigate crashes from crafted packets targeting the vulnerable endpoint.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow in public-facing /goform/SetSysTimeCfg web endpoint enables T1190 exploitation; results in device crash/reboot enabling T1499.004 Application or System Exploitation for DoS.
NVD Description
Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
Deeper analysisAI
CVE-2025-29360 is a buffer overflow vulnerability in the Tenda RX3 router firmware version US_RX3V1.0br_V16.03.13.11_multi_TDE01. The issue resides in the /goform/SetSysTimeCfg endpoint, where the time and timeZone parameters are processed unsafely, allowing overflow conditions (CWE-120). It has a CVSS v3.1 base score of 7.5, reflecting high severity due to its potential for disruption.
Unauthenticated remote attackers can exploit this vulnerability over the network with low complexity and no user interaction required. By sending a specially crafted packet to the affected endpoint, attackers can trigger the buffer overflow, resulting in a denial-of-service condition such as device crash or reboot, with no impact on confidentiality or integrity.
Advisories and technical details are documented in references including https://github.com/2664521593/mycve/blob/main/Tenda/RX3/tenda_rx3_bof_1.pdf. Practitioners should consult these for exploit proofs, patch information, or firmware upgrade guidance from Tenda.
Details
- CWE(s)