Buffer Overflow Vulnerability in Tenda AC1206 Router
CVE-2025-4299

8.7HIGH

Key Information:

Vendor

Tenda
Status
Ac1206
Vendor
CVE Published:
6 May 2025

Badges

👾 Exploit Exists

What is CVE-2025-4299?

A buffer overflow vulnerability has been identified in Tenda AC1206 routers affecting the function setSchedWifi, located in the file /goform/openSchedWifi. This weakness allows an attacker to initiate a remote exploit, potentially compromising the device's integrity. It is crucial for users with affected versions to apply security updates and mitigate risks associated with this vulnerability.

Affected Version(s)

AC1206 15.03.06.0

AC1206 15.03.06.1

AC1206 15.03.06.2

References

https://vuldb.com/?id.307403
vdb-entrytechnical-description
https://vuldb.com/?ctiid.307403
signaturepermissions-required
https://vuldb.com/?submit.563558
third-party-advisory

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • 👾

    Exploit known to exist

.
CVE-2025-4299 : Buffer Overflow Vulnerability in Tenda AC1206 Router