CVE Details
Basic Information
| Title | Tenda AC7 AdvSetLanip fromadvsetlanip buffer overflow |
|---|---|
| Type | cve |
| Published | 2025-06-09T04:31:06.939Z |
| Last Seen |
Product Information
| Vendor | Tenda |
|---|---|
| Product | AC7 |
| Version | 15.03.06.44 |
CVSS Information
| Base Score | 8.7 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical buffer overflow vulnerability in Tenda AC7’s fromadvsetlanip function allows remote attackers to execute arbitrary code by manipulating the lanMask argument. The vulnerability affects version 15.03.06.44 and has been publicly disclosed. |
|---|---|
| AI Severity | Critical |
| Vendor | Tenda |
| Product | AC7 |
| Affected Version | 15.03.06.44 |
Affected Products
- Tenda AC7 15.03.06.44
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-120, CWE-119 |
| Bulletin Family |
References
Description
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.