CVE-2025-5861 - Tenda Ac7 Firmware
Critical 9.8
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected software
Tenda Ac7 Firmware
Reference links
- https://lavender-bicycle-a5a.notion.site/Tenda-AC7-fromadvsetlanip-20a53a41781f80038f4fc4b9d927eb9a
- https://lavender-bicycle-a5a.notion.site/Tenda-AC7-fromadvsetlanip-20a53a41781f80038f4fc4b9d927eb9a?source=copy_link
- https://vuldb.com/?ctiid.311620
- https://vuldb.com/?id.311620
- https://vuldb.com/?submit.591960
- https://www.tenda.com.cn/