CVE-2025-11550 | Tenda W12 3.0.0.6(3948) HTTP Request /goform/modules wifiScheduledSet null pointer dereference

A vulnerability labeled as critical has been found in Tenda W12 3.0.0.6(3948). The impacted element is the function wifiScheduledSet of the file /goform/modules of the component HTTP Request Handler. The manipulation of the argument wifiScheduledSet results in null pointer dereference.

This vulnerability was named CVE-2025-11550. The attack may be performed from remote. In addition, an exploit is available.VulDB Recent EntriesRead More