CNNVD-202508-1838 Information

Aug 15, 2025 cve

CNNVD ID

CNNVD-202508-1838

CVE-2025-9023

CNNVD Published: 2025-08-15

Description (Chinese)

Tenda AC7和Tenda AC18都是中国腾达（Tenda）公司的产品。Tenda AC7是一款无线路由器。Tenda AC18是一款路由器。 Tenda AC7和Tenda AC18 15.03.05.19版本和15.03.06.44版本存在安全漏洞，该漏洞源于/goform/SetLEDCfg文件中formSetSchedLed函数对参数Time处理不当导致缓冲区溢出。

Description (English)

Tenda AC7 and Tenda AC18 are products of Tenda China. Tenda AC7 is a wireless router. Tenda AC18 is a router. Security gaps exist in the versions of Tenda AC7 and Tenda AC18 15.03.05.19 and 15.03.06.44, which stem from the spilling of the buffer zone as a result of the inappropriate handling of the FormSetSchedLed function in the document /goform/SetLEDCfg.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-08-15

Last Modified

2026-02-24

References

https://vuldb.com/?submit.629696 https://www.tenda.com.cn/ https://vuldb.com/?submit.629692 https://vuldb.com/?id.320088 https://vuldb.com/?ctiid.320088 https://github.com/zezhifu1/cve_report/blob/main/AC7/formsetschedled.md https://github.com/zezhifu1/cve_report/blob/main/AC18/formsetschedled.md https://nvd.nist.gov/vuln/detail/CVE-2025-9023 https://access.redhat.com/security/cve/cve-2025-9023

Share on: