CNNVD-202508-3612 Information

Aug 29, 2025 cve

CNNVD ID

CNNVD-202508-3612

CVE-2025-9605

CNNVD Published: 2025-08-29

Description (Chinese)

Tenda AC23和Tenda AC21都是中国腾达（Tenda）公司的产品。Tenda AC23是一款双频千兆无线路由器。Tenda AC21是一款无线路由器。 Tenda AC23和Tenda AC21 16.03.08.16版本存在安全漏洞，该漏洞源于文件/goform/GetParentControlInfo中参数mac的错误操作导致栈缓冲区溢出。

Description (English)

Tenda AC23 and Tenda AC21 are products of Tenda China. Tenda AC23 is a double-frequency gigabyte-free router. Tenda AC21 is a wireless router. There is a security loophole in versions Tenda AC23 and Tenda AC21 16.03.08.16, which stems from the error of the MAC in the document/goform/GetParentControlInfo, resulting in the spilling out of the buffer zone.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-08-29

Last Modified

2026-02-24

References

https://github.com/XXRicardo/iot-cve/blob/main/Tenda/AC23/Stack-Based%20Buffer%20Overflow%20in%20Tenda%20Wi-Fi%205%20Router%20AC23%EF%BC%88AC23V1.0re_V16.03.07.52%EF%BC%89.md https://github.com/XXRicardo/iot-cve/blob/main/Tenda/AC21/AC21V1.0re_V16.03.08.16.md https://www.tenda.com.cn/ https://vuldb.com/?submit.636548 https://vuldb.com/?submit.636545 https://vuldb.com/?id.321783 https://vuldb.com/?ctiid.321783 https://nvd.nist.gov/vuln/detail/CVE-2025-9605

Share on: