CVE-2025-15215 – Tenda AC10U HTTP POST Request setPptpUserList formSetPPTPUserList buffer overflow

CVE ID : CVE-2025-15215

Published : Dec. 30, 2025, 3:15 a.m. | 1 hour, 8 minutes ago

Description : A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-15219 – SohuTV CacheCloud MachineManageController.java doPodList cross site scripting

CVE-2025-15218 – Tenda AC10U POST Request Parameter AdvSetLanip fromadvsetlanip buffer overflow

CVE-2025-15216 – Tenda AC23 SetIpMacBind fromSetIpMacBind stack-based overflow

CVE-2025-15217 – Tenda AC23 HTTP POST Request formSetPPTPUserList buffer overflow