CNNVD-202510-1370 Information

CNNVD ID

CNNVD-202510-1370

Related CVE

CVE-2025-11528

• CNNVD Published: 2025-10-09

Description (Chinese)

Tenda AC7是中国腾达（Tenda）公司的一款无线路由器。 Tenda AC7 15.03.06.44版本存在安全漏洞，该漏洞源于文件/goform/saveAutoQos中参数enable的操作导致栈缓冲区溢出，可能导致远程执行任意代码。

Description (English)

Tenda AC7 is a wireless router of Tenda, China. There is a security loophole in version Tenda AC7 15.03.06.44, which stems from the operation of the parameter enable in document/goform/saveAutoQos, which led to the spilling of the silo buffer zone, which could lead to the remote implementation of any code.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

腾达

Published

2025-10-09

Last Modified

2026-02-24

References

https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC7/saveAutoQos.md https://vuldb.com/?ctiid.327666 https://vuldb.com/?id.327666 https://vuldb.com/?submit.669859 https://www.tenda.com.cn/