CVE-2025-12211 – This vulnerability allows remote attackers to e... (How to Fix)

Q: What is the severity of CVE-2025-12211?

CVE-2025-12211 has a CVSS score of 8.8 (HIGH). This vulnerability allows remote attackers to execute arbitrary code on Tenda O3 routers via a stack-based buffer overflow in the DMZ configuration function. Attackers can exploit this flaw without authentication to potentially take full control of affected devices. All users running Tenda O3 firmware version 1.0.0.10(2478) are affected.

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary code on Tenda O3 routers via a stack-based buffer overflow in the DMZ configuration function. Attackers can exploit this flaw without authentication to potentially take full control of affected devices. All users running Tenda O3 firmware version 1.0.0.10(2478) are affected.

💻 Affected Systems

Products:

Tenda O3 router

Versions: 1.0.0.10(2478)

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: All devices running this specific firmware version are vulnerable regardless of configuration.

📦 What is this software?

O3 Firmware1.0.0.10\(2478\) by Tenda

View all CVEs affecting O3 Firmware1.0.0.10\(2478\) →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise leading to persistent backdoor installation, network traffic interception, lateral movement to other devices, and botnet recruitment.

🟠

Likely Case

Remote code execution allowing attackers to modify router settings, intercept traffic, or use the device as a pivot point for further attacks.

🟢

If Mitigated

Limited impact if devices are behind firewalls with strict inbound filtering, though internal network compromise remains possible.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable without authentication and public exploit code exists.

🏢 Internal Only: HIGH - Even internally, the vulnerability can be exploited by any network user to compromise the router.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit code is available on GitHub, making exploitation trivial for attackers with basic skills.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates 2. Download latest firmware 3. Access router admin interface 4. Upload and install firmware update 5. Reboot router

🔧 Temporary Workarounds

Disable remote management

all

Prevent external access to router administration interface

Network segmentation

all

Isolate router management interface to separate VLAN

🧯 If You Can't Patch

Replace affected devices with patched or alternative models
Implement strict network access controls to limit exposure to router management interface

🔍 How to Verify

Check if Vulnerable:

Access router web interface, navigate to System Status or About page, check firmware version matches 1.0.0.10(2478)

Check Version:

curl -s http://router-ip/goform/getStatus | grep version

Verify Fix Applied:

After firmware update, verify version no longer matches vulnerable version

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /goform/setDmzInfo with long dmzIP parameters
Multiple failed authentication attempts followed by DMZ configuration changes

Network Indicators:

Unusual outbound connections from router to unknown IPs
Traffic patterns suggesting router compromise

SIEM Query:

source="router_logs" AND uri="/goform/setDmzInfo" AND (dmzIP.length>50 OR status=500)

📊 Metadata

CVE ID: CVE-2025-12211

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

EPSS Score: 0.16% exploit probability (36.9th percentile)

Published: October 27, 2025

Last Updated: February 24, 2026

🔗 References

https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/setDmzInfo.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.329881 Permissions Required,VDB Entry
https://vuldb.com/?id.329881 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.673265 Third Party Advisory,VDB Entry
https://www.tenda.com.cn/ Product
https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/O3v2.0/setDmzInfo.md Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-12211, you might also want to check these: