ГлавнаяУязвимости → CVE-2025-8160
8.8высокая

CVE-2025-8160

→ есть в БДУ: BDU:2025-10979 (на русском)
Описание (на английском; русское — в БДУ выше)

A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Затрагиваемое ПО
Tenda Ac20 firmwareTenda Ac20
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/CH13hh/cve/blob/main/tenda1.mdhttps://vuldb.com/?ctiid.317574https://vuldb.com/?id.317574https://vuldb.com/?submit.620625https://www.tenda.com.cn/