CVE-2025-7418

Name of the Vulnerable Software and Affected Versions: Tenda O3V2 version 1.0.0.12(3880)

Description: A critical issue exists in Tenda O3V2 due to a stack-based buffer overflow. The vulnerability is located in the fromPingResultGet function within the /goform/setPing file of the httpd component. Manipulation of the destIP argument can trigger the overflow, allowing for remote attacks. The exploit has been publicly disclosed.

Recommendations: Tenda O3V2 version 1.0.0.12(3880): At the moment, there is no information about a newer version that contains a fix for this vulnerability.