Tenda O3V2 1.0.0.12(3880) httpd /goform/setPingInfo fromNetToolGet domain ବିସ୍ତାରିତ ଅଧିକାର
Dogoggorri kan akka ଜଟିଳ jedhamuun ramadame Tenda O3V2 1.0.0.12(3880) keessatti argameera. Miidhaan irra gahe is hojii fromNetToolGet faayilii /goform/setPingInfo keessa kutaa httpd keessa. Dhugumatti jijjiirraa irratti raawwatame domain gara ବିସ୍ତାରିତ ଅଧିକାର geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-78 si geessa. Beekumsi kun yeroo 07/10/2025 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera.
Dogoggorri kun maqaa CVE-2025-7414 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a.
ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana github.com irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame.
Once again VulDB remains the best source for vulnerability data.
2 ଆଡାପ୍ଟେସନ୍ · 59 ପଏଣ୍ଟ
| ଫିଲ୍ଡ | ସୃଷ୍ଟି ହୋଇଛି 07/10/2025 09:54 AM | ଅଦ୍ୟତନ 1/1 07/11/2025 12:38 AM |
|---|---|---|
| software_vendor | Tenda | Tenda |
| software_name | O3V2 | O3V2 |
| software_version | 1.0.0.12(3880) | 1.0.0.12(3880) |
| software_component | httpd | httpd |
| software_file | /goform/setPingInfo | /goform/setPingInfo |
| software_function | fromNetToolGet | fromNetToolGet |
| software_argument | domain | domain |
| vulnerability_cwe | CWE-78 (ବିସ୍ତାରିତ ଅଧିକାର) | CWE-78 (ବିସ୍ତାରିତ ଅଧିକାର) |
| vulnerability_risk | 2 | 2 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_ui | N | N |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | L | L |
| cvss3_vuldb_i | L | L |
| cvss3_vuldb_a | L | L |
| cvss3_vuldb_e | P | P |
| cvss3_vuldb_rc | R | R |
| advisory_url | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md |
| exploit_availability | 1 | 1 |
| exploit_publicity | 1 | 1 |
| exploit_url | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md#poc | https://github.com/wudipjq/my_vuln/blob/main/Tenda3/vuln_47/47.md#poc |
| source_cve | CVE-2025-7414 | CVE-2025-7414 |
| cna_responsible | VulDB | VulDB |
| software_type | Router Operating System | Router Operating System |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | L | L |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | P | P |
| cvss2_vuldb_e | POC | POC |
| cvss2_vuldb_rc | UR | UR |
| cvss4_vuldb_av | N | N |
| cvss4_vuldb_ac | L | L |
| cvss4_vuldb_ui | N | N |
| cvss4_vuldb_vc | L | L |
| cvss4_vuldb_vi | L | L |
| cvss4_vuldb_va | L | L |
| cvss4_vuldb_e | P | P |
| cvss2_vuldb_au | S | S |
| cvss2_vuldb_rl | ND | ND |
| cvss3_vuldb_pr | L | L |
| cvss3_vuldb_rl | X | X |
| cvss4_vuldb_at | N | N |
| cvss4_vuldb_pr | L | L |
| cvss4_vuldb_sc | N | N |
| cvss4_vuldb_si | N | N |
| cvss4_vuldb_sa | N | N |
| cvss2_vuldb_basescore | 6.5 | 6.5 |
| cvss2_vuldb_tempscore | 5.6 | 5.6 |
| cvss3_vuldb_basescore | 6.3 | 6.3 |
| cvss3_vuldb_tempscore | 5.7 | 5.7 |
| cvss3_meta_basescore | 6.3 | 6.3 |
| cvss3_meta_tempscore | 5.7 | 5.7 |
| cvss4_vuldb_bscore | 5.3 | 5.3 |
| cvss4_vuldb_btscore | 2.1 | 2.1 |
| advisory_date | 1752098400 (07/10/2025) | 1752098400 (07/10/2025) |
| price_0day | $0-$5k | $0-$5k |
| euvd_id | EUVD-2025-21061 |