CVE-2025-5862 - Tenda Ac7 Firmware
Critical 9.8
A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected software
Tenda Ac7 Firmware
Reference links
- https://lavender-bicycle-a5a.notion.site/Tenda-AC7-formSetPPTPUserList-20a53a41781f806ca124cbdf99bff931
- https://lavender-bicycle-a5a.notion.site/Tenda-AC7-formSetPPTPUserList-20a53a41781f806ca124cbdf99bff931?source=copy_link
- https://vuldb.com/?ctiid.311621
- https://vuldb.com/?id.311621
- https://vuldb.com/?submit.591980
- https://www.tenda.com.cn/