← Retour aux CVEs
CVE-2025-29462
CRITICAL9.8
Description
A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack.
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie4/3/2025
Derniere modification4/22/2025
Sourcenvd
Observations honeypot0
Produits affectes
tenda:ac15tenda:ac15_firmware
Faiblesses (CWE)
CWE-120
References
https://hackmd.io/@7QWW9EKUSNGgPWZNOHkL2w/Sk4xbvejyx(cve@mitre.org)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.