CVE-2025-7544

Name of the Vulnerable Software and Affected Versions Tenda AC1206 version 15.03.06.23

Description A critical issue exists in the formSetMacFilterCfg() function located in the /goform/setMacFilterCfg file of the Tenda AC1206. Manipulation of the deviceList argument leads to a stack-based buffer overflow. This can be exploited remotely, potentially allowing an attacker to execute arbitrary code or cause a denial of service. The exploit for this issue has been publicly disclosed and may be used.

Recommendations Versions prior to 15.03.06.23 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.