Sign-up

ID

VAR-202505-2674


CVE

CVE-2025-45779


DESCRIPTION

Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.

Trust: 1.0

sources: NVD: CVE-2025-45779

AFFECTED PRODUCTS

vendor:tendamodel:ac10scope:eqversion:15.03.06.46

Trust: 1.0

sources: NVD: CVE-2025-45779

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-45779
value: CRITICAL

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-45779
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2025-45779

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

sources: NVD: CVE-2025-45779

EXTERNAL IDS

db:NVDid:CVE-2025-45779

Trust: 1.0

sources: NVD: CVE-2025-45779

REFERENCES

url:https://www.tendacn.com/us/download/detail-3782.html

Trust: 1.0

url:https://github.com/sunyou-iot/iot-vul/blob/main/tendaac10/cve-2025-45779/readme.md

Trust: 1.0

sources: NVD: CVE-2025-45779

SOURCES

db:NVDid:CVE-2025-45779

LAST UPDATE DATE

2025-06-14T22:59:16.921000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2025-45779date:2025-06-13T13:40:52.883

SOURCES RELEASE DATE

db:NVDid:CVE-2025-45779date:2025-05-12T17:15:47.297