CVE-2025-29360 – Tenda RX3 routers running specific firmware ver... (How to Fix)

Q: What is the severity of CVE-2025-29360?

CVE-2025-29360 has a CVSS score of 7.5 (HIGH). Tenda RX3 routers running specific firmware versions contain a buffer overflow vulnerability in the time configuration function. Attackers can send specially crafted packets to cause denial of service, potentially crashing the router. This affects all users of Tenda RX3 routers with vulnerable firmware.

📋 TL;DR

Tenda RX3 routers running specific firmware versions contain a buffer overflow vulnerability in the time configuration function. Attackers can send specially crafted packets to cause denial of service, potentially crashing the router. This affects all users of Tenda RX3 routers with vulnerable firmware.

💻 Affected Systems

Products:

Tenda RX3 router

Versions: US_RX3V1.0br_V16.03.13.11_multi_TDE01 and likely earlier versions

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability exists in default configuration when web management interface is enabled

📦 What is this software?

Rx3 Firmware by Tenda

View all CVEs affecting Rx3 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete router crash requiring physical reboot, potential remote code execution if buffer overflow can be controlled precisely

🟠

Likely Case

Router becomes unresponsive, requiring reboot to restore functionality

🟢

If Mitigated

No impact if router is behind firewall blocking external access to management interface

🌐 Internet-Facing: HIGH - Routers are typically internet-facing devices with web management interfaces exposed

🏢 Internal Only: MEDIUM - Internal attackers could still exploit if they have network access

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires sending crafted HTTP POST request to /goform/SetSysTimeCfg endpoint with malicious time/timeZone parameters

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Tenda for updated firmware version

Vendor Advisory: Not provided in CVE references

Restart Required: Yes

Instructions:

1. Log into Tenda router web interface. 2. Navigate to System Tools > Firmware Upgrade. 3. Download latest firmware from Tenda website. 4. Upload and install firmware update. 5. Reboot router after installation.

🔧 Temporary Workarounds

Disable remote management

all

Prevent external access to router web interface

Log into router > Advanced > System Tools > Remote Management > Disable

Restrict management interface access

all

Limit which IP addresses can access router management

Log into router > Advanced > Security > Access Control > Add allowed IPs only

🧯 If You Can't Patch

Place router behind firewall with strict inbound rules
Disable web management interface entirely if not needed

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in web interface under System Status

Check Version:

curl -s http://router-ip/goform/getStatus | grep version

Verify Fix Applied:

Verify firmware version is newer than US_RX3V1.0br_V16.03.13.11_multi_TDE01

📡 Detection & Monitoring

Log Indicators:

Multiple POST requests to /goform/SetSysTimeCfg
Router crash/reboot logs
Unusual time parameter values in web logs

Network Indicators:

HTTP POST requests to /goform/SetSysTimeCfg with unusually long time/timeZone parameters
Router becoming unresponsive after such requests

SIEM Query:

source="router_logs" AND (uri_path="/goform/SetSysTimeCfg" AND content_length>100)

📊 Metadata

CVE ID: CVE-2025-29360

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-120

EPSS Score: 0.09% exploit probability (25.3th percentile)

Published: March 13, 2025

Last Updated: August 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-29360, you might also want to check these: