VYPR
Unrated severityNVD Advisory· Published Sep 22, 2025· Updated Sep 23, 2025

Tenda AC20 HTTP POST Request SetPptpServerCfg strcpy buffer overflow

CVE-2025-10815

Description

A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Tenda/Ac20llm-fuzzy2 versions
    <=16.03.08.12+ 1 more
    • (no CPE)range: <=16.03.08.12
    • (no CPE)range: 16.03.08.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.