Tenda AC20 HTTP POST Request SetPptpServerCfg strcpy buffer overflow

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.

Basic Information

ID CVE-2025-10815

Source VulDB

Published Sep 22, 2025 at 21:02

Affected Product

Vendor Tenda

Product AC20

Version 16.03.08.0

Affected Versions Tenda AC20 16.03.08.0
Tenda AC20 16.03.08.1
Tenda AC20 16.03.08.2
Tenda AC20 16.03.08.3
Tenda AC20 16.03.08.4
Tenda AC20 16.03.08.5
Tenda AC20 16.03.08.6
Tenda AC20 16.03.08.7
Tenda AC20 16.03.08.8
Tenda AC20 16.03.08.9
Tenda AC20 16.03.08.10
Tenda AC20 16.03.08.11
Tenda AC20 16.03.08.12

CWE Classification

CWE-120 CWE-119

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.",
    "published": "2025-09-22T21:02:08.431Z",
    "modified": "2025-09-22T21:02:08.431Z",
    "type": "cve",
    "title": "Tenda AC20 HTTP POST Request SetPptpServerCfg strcpy buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.325173\nhttps://vuldb.com/?ctiid.325173\nhttps://vuldb.com/?submit.654460\nhttps://github.com/Juana-2u/Tenda-AC20\nhttps://www.tenda.com.cn/",
    "id": "CVE-2025-10815",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Tenda AC20 16.03.08.0\nTenda AC20 16.03.08.1\nTenda AC20 16.03.08.2\nTenda AC20 16.03.08.3\nTenda AC20 16.03.08.4\nTenda AC20 16.03.08.5\nTenda AC20 16.03.08.6\nTenda AC20 16.03.08.7\nTenda AC20 16.03.08.8\nTenda AC20 16.03.08.9\nTenda AC20 16.03.08.10\nTenda AC20 16.03.08.11\nTenda AC20 16.03.08.12",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AC20",
    "version": "16.03.08.0",
    "vendor": "Tenda",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Tenda AC20 HTTP POST Request SetPptpServerCfg strcpy buffer overflow_CVE-2025-10815