PT-2025-35118 · Tenda · Tenda Ac10
Plaid-Knot-11B
·
Published
2025-08-28
·
Updated
2025-08-28
·
CVE-2025-57217
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Tenda AC10 version 16.03.10.09 multi TDE01
Description
The Tenda AC10 firmware contains a stack overflow issue. The issue is located in the
R7WebsSecurityHandler function and is triggered via the Password parameter.Recommendations
Update to a newer firmware version to address this issue. As a temporary workaround, consider restricting the complexity or length of the
Password parameter submitted to the R7WebsSecurityHandler function.Fix
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tenda Ac10