CVE-2025-10803 | Tenda AC23 up to 16.03.07.52 HTTP POST Request /goform/SetPptpServerCfg sscanf startIp buffer overflow

Inserito da Angelo Barbosa | Set 21, 2025 | CVE

A vulnerability labeled as critical has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow.

This vulnerability is referenced as CVE-2025-10803. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-10803 | Tenda AC23 up to 16.03.07.52 HTTP POST Request /goform/SetPptpServerCfg sscanf startIp buffer overflow

Post correlati

CVE-2023-49855 | Binary Carpenter BC Menu Bar Cart Icon for WooCommerce Plugin up to 1.49.3 on WordPress cross-site request forgery

CVE-2024-22065 | ZTE MF258 Pro ZTE_MF258PRO_STD_V1.0.0B03 Ping Diagnosis Interface os command injection

CVE-2025-4641 | bonigarcia webdrivermanager up to 6.0.1 XML Parser WebDriverManager.java xml external entity reference

CVE-2024-42818 | fastapi-admin pro 0.1.4 Product Name cross site scripting