Vulnerability of the cgiSysScheduleRebootSet() function (Program:/bin/httpd) in Tenda W12 and i24 router microprogramming systems, allowing a hacker to execute arbitrary code

The vulnerability of the cgiSysScheduleRebootSet function Program:/bin/httpd in the Tenda W12 and i24 router microprogramming systems is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code during the processing of the rebootDate...

CVE-2025-3803

A vulnerability was found in Tenda W12 and i24 3.0.0.42887/3.0.0.53644. It has been rated as critical. This issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. The attack may be initiated...

CVE-2025-3803

The CVE-2025-3803 vulnerability affects Tenda W12 and i24 firmware 3.0.0.4(2887)–3.0.0.5(3644). The issue resides in the cgiSysScheduleRebootSet function in /bin/httpd where manipulating the rebootDate argument causes a stack-based buffer overflow. It can be exploited remotely, and multiple sourc...

PT-2025-17380 · Tenda · Tenda I24 +1

Name of the Vulnerable Software and Affected Versions: Tenda W12 and i24 versions 3.0.0.42887 through 3.0.0.53644 Description: A critical issue affects the function cgiSysScheduleRebootSet of the file /bin/httpd. The manipulation of the argument rebootDate leads to stack-based buffer overflow. Th...