Unrated severityNVD Advisory· Published Apr 7, 2025· Updated Apr 7, 2025
Tenda AC7 SetPptpServerCfg formSetPPTPServer buffer overflow
CVE-2025-3346
Description
A vulnerability was found in Tenda AC7 15.03.06.44. It has been rated as critical. Affected by this issue is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument pptp_server_start_ip/pptp_server_end_ip leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/CH13hh/tmp_store_cc/blob/main/AC7formSetPPTPServer/formSetPPTPServer.mdmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- www.tenda.com.cnmitreproduct
News mentions
0No linked articles in our index yet.