CVE-2025-5629
published 2025-06-05CVE-2025-5629: A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file…
high8.7CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg of the component HTTP Handler. The manipulation of the argument startIp/endIp leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Affected
49 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |
| tenda | ac10 | — | — |