CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-15217

A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.5%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://lavender-bicycle-a5a.notion.site/Tenda-AC23-formSetPPTPUserList-2d753a41781f8091b772cf9e66a687f1?source=copy_link
https://vuldb.com/?ctiid.338602
https://vuldb.com/?id.338602
https://vuldb.com/?submit.725448
https://www.tenda.com.cn/
https://lavender-bicycle-a5a.notion.site/Tenda-AC23-formSetPPTPUserList-2d753a41781f8091b772cf9e66a687f1

Products affected by CVE-2025-15217

Tenda » Ac23 » Version: N/A

cpe:2.3:h:tenda:ac23:-
Tenda » Ac23 Firmware » Version: 16.03.07.52

cpe:2.3:o:tenda:ac23_firmware:16.03.07.52

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-15217

Products

Pricing

Contact Us