CNNVD-202509-3229 Information

Sep 22, 2025 cve

CNNVD ID

CNNVD-202509-3229

CVE-2025-10815

CNNVD Published: 2025-09-22

Description (Chinese)

Tenda AC20是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC20 16.03.08.12及之前版本存在安全漏洞，该漏洞源于HTTP POST请求处理组件中/goform/SetPptpServerCfg文件的strcpy函数对参数startIp操作不当，可能导致缓冲区溢出。

Description (English)

Tenda AC20 is a wireless router of Tenda China. There is a security loophole in Tenda AC20 16.03.08.12 and earlier versions, which stems from the inappropriate operation of the stcpy function of the /goform/SetPttpServerCfg file in the HTTTP POST request processing component to the parameter startIp, which may result in spilling over the buffer zone.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-09-22

Last Modified

2026-02-24

References

https://github.com/Juana-2u/Tenda-AC20 https://vuldb.com/?ctiid.325173 https://vuldb.com/?id.325173 https://www.tenda.com.cn/ https://vuldb.com/?submit.654460 https://access.redhat.com/security/cve/cve-2025-10815

Share on: