CVE-2025-4298
published 2025-05-06CVE-2025-4298: A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file…
high8.7CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206 | — | — |
| tenda | ac1206_firmware | <= 15.03.06.23 | — |