CVE-2025-7414

MediumPublic PoC

Published: 10 July 2025

Published

10 July 2025

Modified

29 April 2026

KEV Added

—

Patch

—

CVSS Score 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS Score 0.0574 90.5th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-7414 is a medium-severity Command Injection (CWE-77) vulnerability in Tenda O3 Firmware. Its CVSS base score is 6.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 9.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly mitigates OS command injection by requiring validation and sanitization of the untrusted domain argument in the fromNetToolGet function.

SI-2 Flaw Remediation good match

prevent

Addresses the specific flaw in Tenda O3V2 firmware version 1.0.0.12(3880) through timely identification, reporting, and remediation such as patching.

AC-6 Least Privilege partial match

prevent

Reduces impact of command injection exploits by enforcing least privilege on low-privilege authenticated sessions accessing the vulnerable httpd endpoint.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1059.004 Unix Shell Execution

Adversaries may abuse Unix shell commands and scripts for execution.

attack.mitre.org →

T1202 Indirect Command Execution Stealth

Adversaries may abuse utilities that allow for command execution to bypass security restrictions that limit the use of command-line interpreters.

attack.mitre.org →

Why these techniques?

OS command injection via unauthenticated remote web request on router httpd enables initial access through public-facing app exploitation (T1190), indirect command execution likely via ping utility (T1202), and Unix shell command execution (T1059.004).

NVD Description

A vulnerability classified as critical was found in Tenda O3V2 1.0.0.12(3880). This vulnerability affects the function fromNetToolGet of the file /goform/setPingInfo of the component httpd. The manipulation of the argument domain leads to os command injection. The attack can be…

initiated remotely. The exploit has been disclosed to the public and may be used.

Deeper analysisAI

CVE-2025-7414 is a critical vulnerability in Tenda O3V2 firmware version 1.0.0.12(3880). It affects the fromNetToolGet function within the /goform/setPingInfo file of the httpd component, where manipulation of the domain argument enables OS command injection. The issue maps to CWE-77 (Command Injection) and CWE-78 (OS Command Injection).

The vulnerability is remotely exploitable over the network with low attack complexity and requires low privileges (PR:L), with no user interaction needed and unchanged impact scope. It carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L), allowing attackers to achieve low confidentiality, integrity, and availability impacts. Through OS command injection, adversaries with authenticated low-privilege access can execute arbitrary operating system commands on the device.

Advisories and references, including GitHub disclosures with proof-of-concept code and VulDB entries, confirm the exploit has been publicly released and may be actively used. No vendor patches or specific mitigation steps are detailed in the provided information.

Details

CWE(s): CWE-77 CWE-78

Affected Products

tenda

o3 firmware

1.0.0.12\(3880\)

CVEs Like This One

CVE-2025-7415Same product: Tenda O3

CVE-2025-7422Same product: Tenda O3

CVE-2025-7421Same product: Tenda O3

CVE-2025-7423Same product: Tenda O3

CVE-2025-55613Same product: Tenda O3

CVE-2025-7420Same product: Tenda O3

CVE-2025-7417Same product: Tenda O3

CVE-2025-7419Same product: Tenda O3

CVE-2025-7418Same product: Tenda O3

CVE-2025-7416Same product: Tenda O3

References

https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md
Exploit, Third Party Advisory · cna@vuldb.com
https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md#poc
Exploit, Third Party Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.315874
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.315874
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.608855
Third Party Advisory, VDB Entry · cna@vuldb.com
https://www.tenda.com.cn/
Product · cna@vuldb.com
https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md
Exploit, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0
https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md#poc
Exploit, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0