VYPR
Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Feb 24, 2026

Tenda AC20 PowerSaveSet sscanf buffer overflow

CVE-2025-15356

Description

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Affected products

2
  • Tenda/Ac20v52 versions
    cpe:2.3:o:tenda:ac20_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:tenda:ac20_firmware:*:*:*:*:*:*:*:*range: 16.03.08.0
    • (no CPE)range: <=16.03.08.12

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.