VYPR
Unrated severityNVD Advisory· Published Nov 3, 2025· Updated Feb 24, 2026

Tenda AC21 SetPptpServerCfg formSetPPTPServer buffer overflow

CVE-2025-12611

Description

A vulnerability was identified in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.