CVE-2025-3786

Name of the Vulnerable Software and Affected Versions Tenda AC15 versions 15.03.05.0 through 15.03.05.19

Description A critical issue affects the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely.

Recommendations For Tenda AC15 versions 15.03.05.0 through 15.03.05.19, consider disabling the fromSetWirelessRepeat function until a patch is available to prevent buffer overflow exploitation. Restrict access to the /goform/WifiExtraSet file to minimize the risk of exploitation. Avoid using the mac argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.