CVE-2025-15356 | Tenda AC20 up to 16.03.08.12 /goform/PowerSaveSet sscanf powerSavingEn/time/powerSaveDelay/ledCloseType buffer overflow

Inserito da Angelo Barbosa | Dic 30, 2025 | CVE

A vulnerability marked as critical has been reported in Tenda AC20 up to 16.03.08.12. The impacted element is the function sscanf of the file /goform/PowerSaveSet. The manipulation of the argument powerSavingEn/time/powerSaveDelay/ledCloseType leads to buffer overflow.

This vulnerability is documented as CVE-2025-15356. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2025-15356 | Tenda AC20 up to 16.03.08.12 /goform/PowerSaveSet sscanf powerSavingEn/time/powerSaveDelay/ledCloseType buffer overflow

Post correlati

CVE-2025-64168 | agno-agi agno up to 2.2.1 session_state race condition

CVE-2024-34551 | Select-Themes Stockholm Plugin up to 9.6 on WordPress path traversal

CVE-2024-11951 | Fave Themes Homey Login Register Plugin up to 2.4.0 on WordPress privileges management

CVE-2023-47415 | Cypress CTM-200 up to 2.7.1.5600 cli_text os command injection