CVE-2025-11586 | Tenda AC7 15.03.06.44 /goform/setNotUpgrade newVersion stack-based overflow

Inserito da Angelo Barbosa | Ott 10, 2025 | CVE

A vulnerability classified as critical has been found in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/setNotUpgrade. This manipulation of the argument newVersion causes stack-based buffer overflow.

This vulnerability is tracked as CVE-2025-11586. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2025-11586 | Tenda AC7 15.03.06.44 /goform/setNotUpgrade newVersion stack-based overflow

Post correlati

CVE-2024-45855 | MindsDB 23.10.2.0 Inhouse Model deserialization

CVE-2024-39870 | Siemens SINEMA Remote Connect Server up to 3.2 client-side enforcement of server-side security (ssa-381581)

CVE-2024-30256 | Open WebUI up to 0.1.116 server-side request forgery (GHSA-39wr-r5vm-3jxj)

CVE-2023-48183 | QuickJS build_for_in_iterator null pointer dereference (Issue 192)