Details of VAR-202510-0072

ID

VAR-202510-0072

CVE

CVE-2025-11389

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC15 Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-016227

DESCRIPTION

A security flaw has been discovered in Tenda AC15 15.03.05.18. Affected is an unknown function of the file /goform/saveAutoQos. Performing manipulation of the argument enable results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. Shenzhen Tenda Technology Co.,Ltd. of AC15 The firmware contains a buffer error vulnerability and a stack-based buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability stems from the failure of the enable parameter in the file /goform/saveAutoQos to properly validate the length of input data. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service

Trust: 2.16

sources: NVD: CVE-2025-11389 // JVNDB: JVNDB-2025-016227 // CNVD: CNVD-2025-24168

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-24168

AFFECTED PRODUCTS

vendor:	tenda	model:	ac15	scope:	eq	version:	15.03.05.18	Trust: 1.6
vendor:	tenda	model:	ac15	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ac15	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ac15	scope:	eq	version:	ac15 firmware 15.03.05.18	Trust: 0.8

sources: CNVD: CNVD-2025-24168 // JVNDB: JVNDB-2025-016227 // NVD: CVE-2025-11389

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-11389
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-016227
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-24168
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-11389
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-016227
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-24168
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-11389
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-016227
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-24168 // JVNDB: JVNDB-2025-016227 // NVD: CVE-2025-11389

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	CWE-119	Trust: 1.0
problemtype:	Buffer error (CWE-119) [ others ]	Trust: 0.8
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-016227 // NVD: CVE-2025-11389

EXTERNAL IDS

db:	NVD	id:	CVE-2025-11389	Trust: 3.2
db:	VULDB	id:	327316	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-016227	Trust: 0.8
db:	CNVD	id:	CNVD-2025-24168	Trust: 0.6

sources: CNVD: CNVD-2025-24168 // JVNDB: JVNDB-2025-016227 // NVD: CVE-2025-11389

REFERENCES

url:	https://github.com/noahze01/iot-vulnerable/blob/main/tenda/ac15/saveautoqos.md	Trust: 1.8
url:	https://vuldb.com/?id.327316	Trust: 1.8
url:	https://vuldb.com/?submit.664982	Trust: 1.8
url:	https://www.tenda.com.cn/	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2025-11389	Trust: 1.4
url:	https://vuldb.com/?ctiid.327316	Trust: 1.0

sources: CNVD: CNVD-2025-24168 // JVNDB: JVNDB-2025-016227 // NVD: CVE-2025-11389

SOURCES

db:	CNVD	id:	CNVD-2025-24168
db:	JVNDB	id:	JVNDB-2025-016227
db:	NVD	id:	CVE-2025-11389

LAST UPDATE DATE

2025-10-18T23:21:12.498000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-24168	date:	2025-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2025-016227	date:	2025-10-17T01:31:00
db:	NVD	id:	CVE-2025-11389	date:	2025-10-15T18:34:49.890

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-24168	date:	2025-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2025-016227	date:	2025-10-17T00:00:00
db:	NVD	id:	CVE-2025-11389	date:	2025-10-07T12:15:42.500