CNNVD-202508-1982 Information

Aug 17, 2025 cve

CNNVD ID

CNNVD-202508-1982

CVE-2025-9089

CNNVD Published: 2025-08-17

Description (Chinese)

Tenda AC20是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC20 16.03.08.12版本存在安全漏洞，该漏洞源于/goform/SetIpMacBind文件中sub_48E628函数对参数list处理不当导致栈缓冲区溢出。

Description (English)

Tenda AC20 is a wireless router of Tenda China. Version 16.03.08.12 of Tenda AC16.08.12 contains a security loophole resulting from an error in the handling of the parameter list in the sub 48E628 file/goform/SetIpMacBind, resulting in the spilling of the silo buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-08-17

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.320357 https://vuldb.com/?submit.632039 https://github.com/ZZ2266/.github.io/blob/main/AC20/fromSetIpMacBind/readme.md#poc-python-exploit-script https://www.tenda.com.cn/ https://vuldb.com/?id.320357 https://nvd.nist.gov/vuln/detail/CVE-2025-9089 https://access.redhat.com/security/cve/cve-2025-9089

Share on: