CVE-2025-12595

CWE-119 — Buffer Overflow CWE-120 — Classic Buffer Overflow3 documents3 sources

Severity

7.4HIGH

EPSS

0.2%

top 52.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tenda Ac23 Tenda Ac23 Firmware

Timeline

PublishedNov 2

Description

A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCfg. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5tenda/ac2316.03.07.52

▶NVDtenda/ac23_firmware16.03.07.52

🔴Vulnerability Details

CVEList

Tenda AC23 SetVirtualServerCfg formSetVirtualSer buffer overflow↗2025-11-02

▶

GHSA

GHSA-58m9-jw89-557f: A weakness has been identified in Tenda AC23 16↗2025-11-02

▶