Sign-up

ID

VAR-202503-2702


CVE

CVE-2025-29217


TITLE

Shenzhen Tenda Technology Co.,Ltd.  of  w18e  Stack-based buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-002630

DESCRIPTION

Tenda W18E v2.0 v16.01.0.11 was discovered to contain a stack overflow in the wifiSSID parameter at /goform/setModules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. Shenzhen Tenda Technology Co.,Ltd. of w18e A stack-based buffer overflow vulnerability exists in the firmware.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2025-29217 // JVNDB: JVNDB-2025-002630

AFFECTED PRODUCTS

vendor:tendamodel:w18escope:eqversion:16.01.0.11

Trust: 1.0

vendor:tendamodel:w18escope: - version: -

Trust: 0.8

vendor:tendamodel:w18escope:eqversion: -

Trust: 0.8

vendor:tendamodel:w18escope:eqversion:w18e firmware 16.01.0.11

Trust: 0.8

sources: JVNDB: JVNDB-2025-002630 // NVD: CVE-2025-29217

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-29217
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2025-002630
value: MEDIUM

Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-29217
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-002630
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2025-002630 // NVD: CVE-2025-29217

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-002630 // NVD: CVE-2025-29217

EXTERNAL IDS

db:NVDid:CVE-2025-29217

Trust: 2.6

db:JVNDBid:JVNDB-2025-002630

Trust: 0.8

sources: JVNDB: JVNDB-2025-002630 // NVD: CVE-2025-29217

REFERENCES

url:http://w18e.com

Trust: 1.8

url:https://gist.github.com/isstabber/d170f68bd85ed97e66ff316e57634b99

Trust: 1.8

url:https://www.tenda.com.cn/

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2025-29217

Trust: 0.8

sources: JVNDB: JVNDB-2025-002630 // NVD: CVE-2025-29217

SOURCES

db:JVNDBid:JVNDB-2025-002630
db:NVDid:CVE-2025-29217

LAST UPDATE DATE

2025-03-29T23:37:34.474000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2025-002630date:2025-03-27T02:12:00
db:NVDid:CVE-2025-29217date:2025-03-25T17:38:28.670

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2025-002630date:2025-03-27T00:00:00
db:NVDid:CVE-2025-29217date:2025-03-20T19:15:37.680