Buffer Overflow Vulnerability in Tenda AC10 Router
CVE-2025-25674

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: AC10
Vendor: CVE Published:; 20 February 2025

Summary

The Tenda AC10 router version V15.03.06.23 is exposed to a buffer overflow vulnerability in the form_fast_setting_wifi_set function. This occurs when the user-provided SSID is manipulated, allowing an attacker to potentially execute arbitrary code or crash the device. It is crucial for users to be aware of this flaw and ensure timely updates or patches to mitigate security risks.

References

https://github.com/jangfan/my-vuln/blob/main/Tenda/AC10V1...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Feb 7, 2025