CNNVD-202508-1981 Information
CNNVD ID
CNNVD-202508-1981
Related CVE
- CNNVD Published: 2025-08-16
Description (Chinese)
Tenda AC20是中国腾达(Tenda)公司的一款无线路由器。 Tenda AC20 16.03.08.12版本存在安全漏洞,该漏洞源于/goform/formSetVirtualSer文件中save_virtualser_data函数对参数list处理不当导致栈缓冲区溢出。
Description (English)
Tenda AC20 is a wireless router of Tenda China. Version 16.03.08.12 of Tenda AC 16.03.8.12 contains a security gap resulting from the spilling of the silo buffer as a result of the improper handling of parameters in the Save virtualser data function in the /goform/formSetVirtualSer file.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
腾达
Published
2025-08-16
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.320356 https://vuldb.com/?submit.632038 https://github.com/ZZ2266/.github.io/tree/main/AC20/formSetVirtualSer https://www.tenda.com.cn/ https://github.com/ZZ2266/.github.io/tree/main/AC20/formSetVirtualSer#poc-python-exploit-script https://vuldb.com/?id.320356 https://nvd.nist.gov/vuln/detail/CVE-2025-9088 https://access.redhat.com/security/cve/cve-2025-9088
Share on: