CNNVD-202508-1980 Information
CNNVD ID
CNNVD-202508-1980
Related CVE
- CNNVD Published: 2025-08-16
Description (Chinese)
Tenda AC20是中国腾达(Tenda)公司的一款无线路由器。 Tenda AC20 16.03.08.12版本存在安全漏洞,该漏洞源于/goform/SetNetControlList文件中set_qosMib_list函数对参数list处理不当导致栈缓冲区溢出。
Description (English)
Tenda AC20 is a wireless router of Tenda China. Version 16.03.08.12 of Tenda AC 16.03.8.12 contains a security loophole that originates from the fact that the set qosMib list function in the /goform/SetNetControllList file does not properly address the parameter list resulting in the spilling of the silo buffer.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
腾达
Published
2025-08-16
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.320355 https://vuldb.com/?submit.632037 https://github.com/ZZ2266/.github.io/tree/main/AC20/formSetQosBand#poc-python-exploit-script https://www.tenda.com.cn/ https://vuldb.com/?id.320355 https://nvd.nist.gov/vuln/detail/CVE-2025-9087 https://access.redhat.com/security/cve/cve-2025-9087
Share on: