CVE-2025-29358

CWE-120 — Classic Buffer Overflow4 documents4 sources

Severity

7.5HIGH

EPSS

0.1%

top 73.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tenda RX3 Firmware

Timeline

PublishedMar 13

Latest updateOct 10

Description

Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the firewallEn parameter at /goform/SetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDtenda/rx3_firmware16.03.13.11_multi_tde01

🔴Vulnerability Details

GHSA

GHSA-f7g9-932q-g34j: Tenda RX3 US_RX3V1↗2025-03-13

▶

CVEList

CVE-2025-29358: Tenda RX3 US_RX3V1↗2025-03-13

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS Tenda SetFirewallCfg firewallEn Parameter Buffer Overflow Attempt (CVE-2025-8810, CVE-2025-29358, CVE-2025-1851, CVE-2024-2809)↗2025-10-10

▶