Details of VAR-202505-1772

ID

VAR-202505-1772

CVE

CVE-2025-4896

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC10 Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-005769

DESCRIPTION

A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/UserCongratulationsExec. The manipulation of the argument getuid leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC10 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. Tenda AC10 has a buffer overflow vulnerability, which is caused by the parameter getuid in the file /goform/UserCongratulationsExec failing to correctly verify the length of the input data. Attackers can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Trust: 2.16

sources: NVD: CVE-2025-4896 // JVNDB: JVNDB-2025-005769 // CNVD: CNVD-2025-10591

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-10591

AFFECTED PRODUCTS

vendor:	tenda	model:	ac10	scope:	eq	version:	16.03.10.13	Trust: 1.6
vendor:	tenda	model:	ac10	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ac10	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ac10	scope:	eq	version:	ac10 firmware 16.03.10.13	Trust: 0.8

sources: CNVD: CNVD-2025-10591 // JVNDB: JVNDB-2025-005769 // NVD: CVE-2025-4896

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-4896
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2025-4896
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-005769
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-10591
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-4896
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-005769
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-10591
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-4896
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2025-4896
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2025-005769
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-10591 // JVNDB: JVNDB-2025-005769 // NVD: CVE-2025-4896 // NVD: CVE-2025-4896

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	CWE-119	Trust: 1.0
problemtype:	Buffer error (CWE-119) [ others ]	Trust: 0.8
problemtype:	Classic buffer overflow (CWE-120) [ others ]	Trust: 0.8
problemtype:	Classic buffer overflow (CWE-120) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-005769 // NVD: CVE-2025-4896

EXTERNAL IDS

db:	NVD	id:	CVE-2025-4896	Trust: 3.2
db:	VULDB	id:	309452	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-005769	Trust: 0.8
db:	CNVD	id:	CNVD-2025-10591	Trust: 0.6

sources: CNVD: CNVD-2025-10591 // JVNDB: JVNDB-2025-005769 // NVD: CVE-2025-4896

REFERENCES

url:	https://vuldb.com/?id.309452	Trust: 1.8
url:	https://vuldb.com/?submit.578034	Trust: 1.8
url:	https://www.tenda.com.cn/	Trust: 1.8
url:	https://github.com/byxs0x0/cve2/blob/main/tenda%20ac10.md	Trust: 1.6
url:	https://vuldb.com/?ctiid.309452	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-4896	Trust: 0.8

sources: CNVD: CNVD-2025-10591 // JVNDB: JVNDB-2025-005769 // NVD: CVE-2025-4896

SOURCES

db:	CNVD	id:	CNVD-2025-10591
db:	JVNDB	id:	JVNDB-2025-005769
db:	NVD	id:	CVE-2025-4896

LAST UPDATE DATE

2025-05-29T23:47:33.600000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-10591	date:	2025-05-26T00:00:00
db:	JVNDB	id:	JVNDB-2025-005769	date:	2025-05-28T05:48:00
db:	NVD	id:	CVE-2025-4896	date:	2025-05-27T16:30:13.490

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-10591	date:	2025-05-22T00:00:00
db:	JVNDB	id:	JVNDB-2025-005769	date:	2025-05-28T00:00:00
db:	NVD	id:	CVE-2025-4896	date:	2025-05-18T21:15:19.873