PT-2025-12356 · Tenda · Tenda Ax12

Published

2025-03-20

Updated

2025-03-22

CVE-2025-29214

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Tenda AX12 version 22.03.01.46 CN

Description A stack overflow issue was discovered in the sub 42F69C function at the "/goform/setMacFilterCfg" API endpoint. This issue can be exploited, potentially leading to unintended consequences.

Recommendations For Tenda AX12 version 22.03.01.46 CN, consider restricting access to the "/goform/setMacFilterCfg" API endpoint until a patch is available. As a temporary workaround, disabling the sub 42F69C function may help mitigate the risk of exploitation.

Exploit

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

BDU:2025-05893

CVE-2025-29214

Affected Products

Tenda Ax12

PT-2025-12356 · Tenda · Tenda Ax12

CVE-2025-29214

Weakness Enumeration

Related Identifiers

Affected Products

References · 8