ID

VAR-202509-3845


CVE

CVE-2025-11091


TITLE

Buffer error vulnerability in Shenzhen Tenda Technology Co., Ltd. ac21 firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-015760

DESCRIPTION

A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be exploited. The ac21 firmware from Shenzhen Tenda Technology Co., Ltd. contains a buffer error vulnerability and a classic buffer overflow vulnerability. Information may be obtained, information may be tampered with, and service operation may be interrupted (DoS).

Trust: 1.62

sources: NVD: CVE-2025-11091 // JVNDB: JVNDB-2025-015760

AFFECTED PRODUCTS

vendor: tenda, model: ac21, scope: lte, version: 16.03.08.16

Trust: 1.0

vendor: tenda, model: ac21, scope: lte, version: ac21 firmware 16.03.08.16 and earlier

Trust: 0.8

vendor: tenda, model: ac21, scope: -, version: -

Trust: 0.8

vendor: tenda, model: ac21, scope: eq, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2025-015760 // NVD: CVE-2025-11091

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-11091
value: HIGH

Trust: 1.0

OTHER: JVNDB-2025-015760
value: HIGH

Trust: 0.8

cna@vuldb.com: CVE-2025-11091
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

OTHER: JVNDB-2025-015760
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

cna@vuldb.com: CVE-2025-11091
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

OTHER: JVNDB-2025-015760
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2025-015760 // NVD: CVE-2025-11091

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:CWE-119

Trust: 1.0

problemtype:Buffer error (CWE-119) [ others ]

Trust: 0.8

problemtype: Classic buffer overflow (CWE-120) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2025-015760 // NVD: CVE-2025-11091

EXTERNAL IDS

db: NVD, id: CVE-2025-11091

Trust: 2.6

db: VULDB, id: 326173

Trust: 1.8

db: JVNDB, id: JVNDB-2025-015760

Trust: 0.8

sources: JVNDB: JVNDB-2025-015760 // NVD: CVE-2025-11091

REFERENCES

url:https://github.com/maximdevere/cve2/issues/2

Trust: 1.8

url:https://vuldb.com/?id.326173

Trust: 1.8

url:https://vuldb.com/?submit.661806

Trust: 1.8

url:https://www.tenda.com.cn/

Trust: 1.8

url:https://vuldb.com/?ctiid.326173

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2025-11091

Trust: 0.8

sources: JVNDB: JVNDB-2025-015760 // NVD: CVE-2025-11091

SOURCES

db: JVNDB, id: JVNDB-2025-015760
db: NVD, id: CVE-2025-11091

LAST UPDATE DATE

2025-10-12T23:23:43.974000+00:00


SOURCES UPDATE DATE

db: JVNDB, id: JVNDB-2025-015760, date: 2025-10-10T08:06:00
db: NVD, id: CVE-2025-11091, date: 2025-10-03T14:45:31.690

SOURCES RELEASE DATE

db: JVNDB, id: JVNDB-2025-015760, date: 2025-10-10T00:00:00
db: NVD, id: CVE-2025-11091, date: 2025-09-28T02:15:31.430