ГлавнаяУязвимости → CVE-2025-4298
8.8высокая

CVE-2025-4298

→ есть в БДУ: BDU:2025-05873 (на русском)
Описание (на английском; русское — в БДУ выше)

A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Затрагиваемое ПО
Tenda Ac1206 firmwareTenda Ac1206
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/CH13hh/tmp_store_cc/blob/main/AC1206/AC1206formSetCfm/formSetCfm.mdhttps://vuldb.com/?ctiid.307402https://vuldb.com/?id.307402https://vuldb.com/?submit.563557https://www.tenda.com.cn/