CVE-2025-51085

CWE-121 ā€” Stack-based Buffer Overflow4 documents4 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 60.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Tenda AC8 Firmware
Timeline
PublishedJul 24
Latest updateJul 25

Description

Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

ā–¶NVDtenda/ac8_firmware16.03.34.06

šŸ”“Vulnerability Details

2
CVEList
CVE-2025-51085: Tenda AC8V4 V16ā†—2025-07-24
ā–¶
GHSA
GHSA-g2qh-fgm2-83wp: Tenda AC8V4 V16ā†—2025-07-24
ā–¶

šŸ”Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Tenda SetSysTimeCfg timeZone Parameter Buffer Overflow Attempt (CVE-2025-51085, CVE-2025-8160)ā†—2025-07-25
ā–¶
CVE-2025-51085 (MEDIUM CVSS 5.3) | Tenda AC8V4 V16.03.34.06` was disco | cvebase.io