CVE-2025-15217 – Tenda AC23 HTTP POST Request formSetPPTPUserList buffer overflow

CVE ID : CVE-2025-15217

Published : Dec. 30, 2025, 3:15 a.m. | 1 hour, 8 minutes ago

Description : A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…