Buffer Overflow in Tenda AC15 Router Affects Wireless Functionality
CVE-2025-3786

8.8HIGH

Key Information:

Vendor: Tenda
Status: AC15 Router
Vendor: CVE Published:; 18 April 2025

Summary

A buffer overflow vulnerability has been discovered in the Tenda AC15 router, specifically within the fromSetWirelessRepeat function in the /goform/WifiExtraSet file. This weakness allows an attacker to manipulate the MAC address argument, potentially leading to unauthorized access and exploitation. The vulnerability can be exploited remotely, posing significant risks to the integrity of the device. Users are encouraged to review their router configurations and apply any available security updates to mitigate potential threats.

References

https://github.com/CH13hh/cve/tree/AC15WifiExtraSet

https://vuldb.com/?ctiid.305609

https://vuldb.com/?id.305609

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 18, 2025