CNNVD-202509-2249 Information

CNNVD ID

CNNVD-202509-2249

Related CVE

CVE-2025-10443

• CNNVD Published: 2025-09-15

Description (Chinese)

Tenda AC9和Tenda AC15都是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC9和Tenda AC15 15.03.05.14版本和15.03.05.18版本存在安全漏洞，该漏洞源于对文件/goform/exeCommand中参数cmdinput的错误操作，可能导致缓冲区溢出。

Description (English)

Tenda AC9 and Tenda AC15 are both Tenda’s wireless routers. There is a security loophole in the versions of Tenda AC9 and Tenda AC15 15.03.05.14 and 15.03.05.18, which stems from a mishandling of the parameters and cdinput in the document/goform/exeComand, which could lead to a spilling of the buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-09-15

Last Modified

2026-02-24

References

https://github.com/2664521593/mycve/blob/main/Tenda/Tenda_AC15_AC9_Bof.md https://github.com/2664521593/mycve/blob/main/Tenda/Tenda_AC15_AC9_Bof.md#poc https://vuldb.com/?ctiid.323877 https://vuldb.com/?id.323877 https://vuldb.com/?submit.647840 https://www.tenda.com.cn/