CVE-2025-3803 Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflow

🗓️ 19 Apr 2025 15:00:15Reported by VulDBType

Critical vulnerability in Tenda W12/i24 allows remote stack overflow in cgiSysScheduleRebootSet function.

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	Vulnerability of the cgiSysScheduleRebootSet() function (Program:/bin/httpd) in Tenda W12 and i24 router microprogramming systems, allowing a hacker to execute arbitrary code	23 Apr 202500:00	–	bdu_fstec
Circl	CVE-2025-3803	19 Apr 202516:02	–	circl
CNNVD	Tenda i24和Tenda W12 安全漏洞	19 Apr 202500:00	–	cnnvd
CNVD	Tenda W12 and i24 cgiSysScheduleRebootSet Stack Overflow Vulnerability	24 Apr 202500:00	–	cnvd
CVE	CVE-2025-3803	19 Apr 202515:00	–	cve
EUVD	EUVD-2025-11935	3 Oct 202520:07	–	euvd
NVD	CVE-2025-3803	19 Apr 202515:15	–	nvd
OSV	CVE-2025-3803	19 Apr 202515:15	–	osv
Positive Technologies	PT-2025-17380 · Tenda · Tenda I24 +1	8 Apr 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-3803	25 Apr 202518:43	–	redhatcve

[
  {
    "vendor": "Tenda",
    "product": "W12",
    "versions": [
      {
        "version": "3.0.0.4(2887)",
        "status": "affected"
      },
      {
        "version": "3.0.0.5(3644)",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Tenda",
    "product": "i24",
    "versions": [
      {
        "version": "3.0.0.4(2887)",
        "status": "affected"
      },
      {
        "version": "3.0.0.5(3644)",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
tenda	www.tenda.com.cn/
github	www.github.com/02Tn/vul/issues/3

19 Apr 2025 15:00Current

CVSS 48.7

CVSS 3.18.8

CVSS 38.8

CVSS 29

EPSS0.00735

cve-2025-3803 tenda w12 tenda i24 buffer overflow remote exploit