CNNVD-202507-2960 Information

CNNVD ID

CNNVD-202507-2960

Related CVE

CVE-2025-8060

• CNNVD Published: 2025-07-23

Description (Chinese)

Tenda AC23是中国腾达（Tenda）公司的一款双频千兆无线路由器。 Tenda AC23 16.03.07.52版本存在安全漏洞，该漏洞源于文件/goform/setMacFilterCfg中函数sub_46C940对参数deviceList的操作导致栈缓冲区溢出，可能导致远程代码执行。

Description (English)

Tenda AC23 is a dual-frequency, giga-wireless router of Tenda, China. Version 16.03.07.52 of Tenda AC 23 16.03.52 contains a security loophole resulting from the operation of the function sub 46C940 against parameter deviceList in file/goform/setMatMacFilterCfg, which resulted in the spilling of the silo buffer zone, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-07-23

Last Modified

2026-02-24

References

https://github.com/Thir0th/Thir0th-CVE/blob/main/Tenda%20AC23_V16.03.07.52_has_a_stack_overflow.md https://vuldb.com/?ctiid.317317 https://vuldb.com/?id.317317 https://vuldb.com/?submit.619604 https://www.tenda.com.cn/