CVE-2025-15233 | Tenda M3 1.0.0.13(4903) /goform/setAdInfoDetail formSetAdInfoDetails heap-based overflow

A vulnerability labeled as critical has been found in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow.

This vulnerability was named CVE-2025-15233. The attack may be performed from remote. In addition, an exploit is available.VulDB Recent EntriesRead More