Cyber Resilience

CVE-2025-55613

CriticalPublic PoC

Published: 22 August 2025

Published
22 August 2025
Modified
03 September 2025
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0016 36.5th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-55613 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Tenda O3 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 36.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-55613 is a buffer overflow vulnerability (CWE-120) affecting the Tenda O3V2 firmware version 1.0.0.12(3880). The issue resides in the fromSafeSetMacFilter function, which can be triggered via a specially crafted mac parameter. Published on 2025-08-22, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical.

Remote attackers can exploit this vulnerability without authentication or user interaction by sending a malicious request to the affected component. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially allowing arbitrary code execution and full device takeover.

Mitigation details are available in the referenced advisory at https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_58/58.md.

EU & UK References

Vulnerability details

Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Buffer overflow in the fromSafeSetMacFilter function via mac parameter in Tenda O3V2 router web interface enables remote exploitation of a public-facing application for potential RCE or DoS.

CVEs Like This One

CVE-2025-7417Same product: Tenda O3
CVE-2025-7421Same product: Tenda O3
CVE-2025-7418Same product: Tenda O3
CVE-2025-7420Same product: Tenda O3
CVE-2025-7422Same product: Tenda O3
CVE-2025-7419Same product: Tenda O3
CVE-2025-7423Same product: Tenda O3
CVE-2025-7416Same product: Tenda O3
CVE-2025-7414Same product: Tenda O3
CVE-2025-7415Same product: Tenda O3

Affected Assets

tenda
o3 firmware
1.0.0.12\(3880\)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents buffer overflow exploitation by enforcing validation of the malicious mac parameter input to the fromSafeSetMacFilter function.

prevent

Implements memory safeguards such as non-executable stacks and address randomization to block arbitrary code execution from the buffer overflow.

prevent

Requires timely remediation of the specific buffer overflow flaw in the Tenda O3V2 firmware's fromSafeSetMacFilter function via patching.

References