Details of VAR-202510-0095

ID

VAR-202510-0095

CVE

CVE-2025-11385

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC20 Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-015810

DESCRIPTION

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. of AC20 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Detailed vulnerability details are currently unavailable

Trust: 2.16

sources: NVD: CVE-2025-11385 // JVNDB: JVNDB-2025-015810 // CNVD: CNVD-2025-24474

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-24474

AFFECTED PRODUCTS

vendor:	tenda	model:	ac20	scope:	eq	version:	16.03.08.12	Trust: 1.0
vendor:	tenda	model:	ac20	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ac20	scope:	eq	version:	ac20 firmware 16.03.08.12	Trust: 0.8
vendor:	tenda	model:	ac20	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ac20	scope:	lte	version:	<=16.03.08.12	Trust: 0.6

sources: CNVD: CNVD-2025-24474 // JVNDB: JVNDB-2025-015810 // NVD: CVE-2025-11385

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-11385
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-015810
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-24474
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-11385
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-015810
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-24474
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-11385
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-015810
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-24474 // JVNDB: JVNDB-2025-015810 // NVD: CVE-2025-11385

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	CWE-119	Trust: 1.0
problemtype:	Buffer error (CWE-119) [ others ]	Trust: 0.8
problemtype:	Classic buffer overflow (CWE-120) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-015810 // NVD: CVE-2025-11385

EXTERNAL IDS

db:	NVD	id:	CVE-2025-11385	Trust: 3.2
db:	VULDB	id:	327312	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-015810	Trust: 0.8
db:	CNVD	id:	CNVD-2025-24474	Trust: 0.6

sources: CNVD: CNVD-2025-24474 // JVNDB: JVNDB-2025-015810 // NVD: CVE-2025-11385

REFERENCES

url:	https://github.com/cymiao1978/cve/blob/main/11.md	Trust: 2.4
url:	https://github.com/cymiao1978/cve/blob/main/11.md#poc	Trust: 1.8
url:	https://vuldb.com/?id.327312	Trust: 1.8
url:	https://vuldb.com/?submit.664922	Trust: 1.8
url:	https://www.tenda.com.cn/	Trust: 1.8
url:	https://vuldb.com/?ctiid.327312	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-11385	Trust: 0.8

sources: CNVD: CNVD-2025-24474 // JVNDB: JVNDB-2025-015810 // NVD: CVE-2025-11385

SOURCES

db:	CNVD	id:	CNVD-2025-24474
db:	JVNDB	id:	JVNDB-2025-015810
db:	NVD	id:	CVE-2025-11385

LAST UPDATE DATE

2025-11-19T23:14:43.222000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-24474	date:	2025-10-22T00:00:00
db:	JVNDB	id:	JVNDB-2025-015810	date:	2025-10-14T02:49:00
db:	NVD	id:	CVE-2025-11385	date:	2025-10-09T16:46:19.440

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-24474	date:	2025-10-21T00:00:00
db:	JVNDB	id:	JVNDB-2025-015810	date:	2025-10-14T00:00:00
db:	NVD	id:	CVE-2025-11385	date:	2025-10-07T10:15:33.743