CVE-2025-11549

Name of the Vulnerable Software and Affected Versions Tenda W12 version 3.0.0.6(3948)

Description A flaw exists in the Tenda W12 router firmware that allows for a remote stack-based buffer overflow. The issue is located in the wifiMacFilterSet function within the HTTP Request Handler component, specifically in the /goform/modules file. The mac argument is vulnerable to manipulation, potentially leading to a crash or other unintended behavior. The exploit for this issue has been publicly disclosed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.