Buffer Overflow Vulnerability in Tenda AC10 Router
CVE-2025-25458

Currently unrated

Key Information:

Vendor: Tenda
Status: AC10
Vendor: CVE Published:; 15 April 2025

Summary

The Tenda AC10 router, specifically version V4.0si_V16.03.10.20, is exposed to a buffer overflow vulnerability in its AdvSetMacMtuWan function. This vulnerability can potentially allow an attacker to execute arbitrary code, leading to unauthorized access and control over the device. This issue arises due to improper handling of the serverName2 parameter, which, if exploited, could compromise the integrity of the network configuration and user data.

References

https://github.com/xyqer1/Tenda-AC10-AdvSetMacMtuWan-serv...

https://gist.github.com/xyqer1/d195ea1eb37ba1cc5f709b1d4f...

Timeline

Vulnerability published
Apr 15, 2025
Vulnerability Reserved
Feb 7, 2025