Tenda Ac20 Firmware vulnerabilities

CVE-2025-15356 [HIGH] CWE-119 CVE-2025-15356: A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-14656 [HIGH] CWE-119 CVE-2025-14656: A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the fil A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing a manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

CVE-2025-14655 [HIGH] CWE-119 CVE-2025-14655: A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing a manipulation of the argument rebootTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been releas

CVE-2025-14654 [HIGH] CWE-119 CVE-2025-14654: A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formS A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

CVE-2025-13258 [HIGH] CWE-119 CVE-2025-13258: A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown fun A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.

CVE-2025-11385 [HIGH] CWE-119 CVE-2025-11385: A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-10815 [HIGH] CWE-119 CVE-2025-10815: A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the functi A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.

CVE-2025-10120 [HIGH] CWE-119 CVE-2025-10120: A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the function s A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is the function strcpy of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be used.

CVE-2025-9791 [HIGH] CWE-119 CVE-2025-9791: A weakness has been identified in Tenda AC20 16.03.08.05. This vulnerability affects unknown code of A weakness has been identified in Tenda AC20 16.03.08.05. This vulnerability affects unknown code of the file /goform/fromAdvSetMacMtuWan. This manipulation of the argument wanMTU causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.

CVE-2025-9089 [HIGH] CWE-119 CVE-2025-9089: A vulnerability was determined in Tenda AC20 16.03.08.12. This issue affects the function sub_48E628 A vulnerability was determined in Tenda AC20 16.03.08.12. This issue affects the function sub_48E628 of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-9090 [MEDIUM] CWE-74 CVE-2025-9090: A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-9091 [LOW] CWE-259 CVE-2025-9091: A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etc_ro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has

CVE-2025-9087 [HIGH] CWE-119 CVE-2025-9087: A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function set_qosMib_list A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function set_qosMib_list of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and

CVE-2025-9088 [HIGH] CWE-119 CVE-2025-9088: A vulnerability was found in Tenda AC20 16.03.08.12. This vulnerability affects the function save_vi A vulnerability was found in Tenda AC20 16.03.08.12. This vulnerability affects the function save_virtualser_data of the file /goform/formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-9046 [HIGH] CWE-119 CVE-2025-9046: A vulnerability was identified in Tenda AC20 16.03.08.12. This issue affects the function sub_46A2AC A vulnerability was identified in Tenda AC20 16.03.08.12. This issue affects the function sub_46A2AC of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-8939 [HIGH] CWE-119 CVE-2025-8939: A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of t A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-8940 [HIGH] CWE-119 CVE-2025-8940: A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is th A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParentControlInfo. The manipulation of the argument Time leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-8810 [HIGH] CWE-119 CVE-2025-8810: A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnera A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnerability is the function strcpy of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-8131 [HIGH] CWE-119 CVE-2025-8131: A vulnerability was found in Tenda AC20 16.03.08.05. It has been declared as critical. Affected by t A vulnerability was found in Tenda AC20 16.03.08.05. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be u

CVE-2025-8160 [HIGH] CWE-119 CVE-2025-8160: A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is a A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.