CVE-2025-29462Classic Buffer Overflow in Ac15 Firmware

CWE-120Classic Buffer Overflow3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.4%
top 36.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda Ac15 Firmware
Timeline
PublishedApr 3

Description

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDtenda/ac15_firmware15.13.07.13

🔴Vulnerability Details

2
GHSA
GHSA-chv8-32cq-8ghq: A buffer overflow vulnerability has been discovered in Tenda Ac15 V152025-04-03
CVEList
CVE-2025-29462: A buffer overflow vulnerability has been discovered in Tenda Ac15 V152025-04-03
CVE-2025-29462 — Classic Buffer Overflow in Tenda | cvebase