CVE 8.7 HIGH

Tenda A15 openNetworkGateway fromSetWirelessRepeat buffer overflow_CVE-2025-12619

November 3, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in Tenda A15 15.13.07.13. Affected is the function fromSetWirelessRepeat of the file /goform/openNetworkGateway. The manipulation of the argument wpapsk_crypto2_4g results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.

AI Analysis

Buffer overflow in Tenda A15 due to the manipulation of the wpapsk_crypto2_4g argument in the fromSetWirelessRepeat function, allowing remote exploitation.

Basic Information

ID CVE-2025-12619

Source VulDB

Published Nov 3, 2025 at 07:02

Affected Product

Vendor Tenda

Product A15

Version 15.13.07.13

Affected Versions Tenda A15 15.13.07.13

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Tenda

Product A15

Version 15.13.07.13

References

{
    "lastseen": "",
    "description": "A vulnerability was found in Tenda A15 15.13.07.13. Affected is the function fromSetWirelessRepeat of the file /goform/openNetworkGateway. The manipulation of the argument wpapsk_crypto2_4g results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.",
    "published": "2025-11-03T07:02:11.692Z",
    "modified": "2025-11-03T07:02:11.692Z",
    "type": "cve",
    "title": "Tenda A15 openNetworkGateway fromSetWirelessRepeat buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.330913\nhttps://vuldb.com/?ctiid.330913\nhttps://vuldb.com/?submit.678888\nhttps://www.yuque.com/ba1ma0-an29k/nnxoap/tzg68iadbmqx6esm?singleDoc\nhttps://pan.baidu.com/s/1N5pzWOYFGl7KGuh9yjlDHg\nhttps://www.tenda.com.cn/",
    "id": "CVE-2025-12619",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Tenda A15 15.13.07.13",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "A15",
    "version": "15.13.07.13",
    "vendor": "Tenda",
    "ai_description": "Buffer overflow in Tenda A15 due to the manipulation of the wpapsk_crypto2_4g argument in the fromSetWirelessRepeat function, allowing remote exploitation.",
    "ai_severity": "High",
    "ai_vendor": "Tenda",
    "ai_product": "A15",
    "ai_version": "15.13.07.13",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply