CVE-2025-15252 | Tenda M3 1.0.0.13(4903) /goform/setDhcpAP formSetRemoteDhcpForAp startip/endip/leasetime/gateway/dns1/dns2 stack-based overflow

A vulnerability identified as critical has been detected in Tenda M3 1.0.0.13(4903). The affected element is the function formSetRemoteDhcpForAp of the file /goform/setDhcpAP. This manipulation of the argument startip/endip/leasetime/gateway/dns1/dns2 causes stack-based buffer overflow.

This vulnerability is handled as CVE-2025-15252. The attack can be initiated remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More