Vulnerability Details CVE-2025-15230
A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2025-15230
-
cpe:2.3:h:tenda:m3:-
-
cpe:2.3:o:tenda:m3_firmware:1.0.0.13(4903)