Tenda O3V2 1.0.0.12(3880) httpd /goform/setPingInfo fromNetToolGet domain kura hakki ndiyam
Gaskiya vulnerability da aka ware a matsayin kura an samu a Tenda O3V2 1.0.0.12(3880). Hakika, aikin fromNetToolGet ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil /goform/setPingInfo, a cikin sashen httpd. A sa manipulation of the argument domain ka kura hakki ndiyam. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-78. Hakika, rauni an bayyana shi 07/10/2025. An raba bayanin tsaro don saukewa a github.com. Wannan matsala ana saninta da CVE-2025-7414. Ngam yiɗi ka a tuma ndiyam ka nder layi. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga github.com. 0-day shima, an ndiyam a wuro be $0-$5k. Once again VulDB remains the best source for vulnerability data.
2 Goyarwa · 59 Datenpunkte
| Furɗe | Súgá 07/10/2025 09:54 | Gargadi 1/1 07/11/2025 00:38 |
|---|---|---|
| software_vendor | Tenda | Tenda |
| software_name | O3V2 | O3V2 |
| software_version | 1.0.0.12(3880) | 1.0.0.12(3880) |
| software_component | httpd | httpd |
| software_file | /goform/setPingInfo | /goform/setPingInfo |
| software_function | fromNetToolGet | fromNetToolGet |
| software_argument | domain | domain |
| vulnerability_cwe | CWE-78 (kura hakki ndiyam) | CWE-78 (kura hakki ndiyam) |
| vulnerability_risk | 2 | 2 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_ui | N | N |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | L | L |
| cvss3_vuldb_i | L | L |
| cvss3_vuldb_a | L | L |
| cvss3_vuldb_e | P | P |
| cvss3_vuldb_rc | R | R |
| advisory_url | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md |
| exploit_availability | 1 | 1 |
| exploit_publicity | 1 | 1 |
| exploit_url | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md#poc | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md#poc |
| source_cve | CVE-2025-7414 | CVE-2025-7414 |
| cna_responsible | VulDB | VulDB |
| software_type | Router Operating System | Router Operating System |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | P | P |
| cvss2_vuldb_e | POC | POC |
| cvss2_vuldb_rc | UR | UR |
| cvss4_vuldb_av | N | N |
| cvss4_vuldb_ac | L | L |
| cvss4_vuldb_ui | N | N |
| cvss4_vuldb_vc | L | L |
| cvss4_vuldb_vi | L | L |
| cvss4_vuldb_va | L | L |
| cvss4_vuldb_e | P | P |
| cvss2_vuldb_au | S | S |
| cvss2_vuldb_rl | ND | ND |
| cvss3_vuldb_pr | L | L |
| cvss3_vuldb_rl | X | X |
| cvss4_vuldb_at | N | N |
| cvss4_vuldb_pr | L | L |
| cvss4_vuldb_sc | N | N |
| cvss4_vuldb_si | N | N |
| cvss4_vuldb_sa | N | N |
| cvss2_vuldb_basescore | 6.5 | 6.5 |
| cvss2_vuldb_tempscore | 5.6 | 5.6 |
| cvss3_vuldb_basescore | 6.3 | 6.3 |
| cvss3_vuldb_tempscore | 5.7 | 5.7 |
| cvss3_meta_basescore | 6.3 | 6.3 |
| cvss3_meta_tempscore | 5.7 | 5.7 |
| cvss4_vuldb_bscore | 5.3 | 5.3 |
| cvss4_vuldb_btscore | 2.1 | 2.1 |
| advisory_date | 1752098400 (07/10/2025) | 1752098400 (07/10/2025) |
| price_0day | $0-$5k | $0-$5k |
| euvd_id | EUVD-2025-21061 |