PT-2025-39754 · Tenda · Tenda Ac21
Maximdevere
·
Published
2025-09-27
·
Updated
2025-10-14
·
CVE-2025-11091
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Tenda AC21 versions up to 16.03.08.16
Description
A security issue exists in Tenda AC21 routers. A buffer overflow can be triggered remotely through manipulation of the argument list within the
sscanf function located in the /goform/SetStaticRouteCfg file. The exploit for this issue has been publicly released. Admin access may simplify exploitation.Recommendations
Update Tenda AC21 to a version later than 16.03.08.16.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tenda Ac21