CVE-2025-15217 | HackTesting

A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.

Credits

wxhwxhwxh_tutu (VulDB User)

References

https://vuldb.com/?id.338602

https://vuldb.com/?ctiid.338602

https://vuldb.com/?submit.725448

https://lavender-bicycle-a5a.notion.site/Tenda-AC23-formSetPPTPUserList-2d753a41781f8091b772cf9e66a687f1?source=copy_link

https://www.tenda.com.cn/