Sign-up

ID

VAR-202511-0090


CVE

CVE-2025-12596


TITLE

Tenda AC23 saveParentControlInfo file buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2025-27900

DESCRIPTION

A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The Tenda AC23 is a dual-band wireless router for home use, designed for large homes with excellent coverage and high-speed transmission. It supports 802.11ac Wave2 technology and boasts a maximum concurrent dual-band speed of 2033Mbps. This vulnerability stems from the fact that the parameter Time in the file /goform/saveParentControlInfo fails to properly validate the length of the input data. Attackers could exploit this vulnerability to execute arbitrary code or cause a denial-of-service attack

Trust: 1.44

sources: NVD: CVE-2025-12596 // CNVD: CNVD-2025-27900

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-27900

AFFECTED PRODUCTS

vendor:tendamodel:ac23scope:eqversion:16.03.07.52

Trust: 1.6

sources: CNVD: CNVD-2025-27900 // NVD: CVE-2025-12596

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2025-12596
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2025-12596
value: CRITICAL

Trust: 1.0

CNVD: CNVD-2025-27900
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2025-12596
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-27900
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2025-12596
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2025-12596
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNVD: CNVD-2025-27900 // NVD: CVE-2025-12596 // NVD: CVE-2025-12596

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.0

problemtype:CWE-120

Trust: 1.0

sources: NVD: CVE-2025-12596

EXTERNAL IDS

db:NVDid:CVE-2025-12596

Trust: 1.6

db:VULDBid:330891

Trust: 1.0

db:CNVDid:CNVD-2025-27900

Trust: 0.6

sources: CNVD: CNVD-2025-27900 // NVD: CVE-2025-12596

REFERENCES

url:https://github.com/lx-lx88/cve/issues/9

Trust: 1.6

url:https://vuldb.com/?ctiid.330891

Trust: 1.0

url:https://vuldb.com/?submit.677585

Trust: 1.0

url:https://www.tenda.com.cn/

Trust: 1.0

url:https://vuldb.com/?id.330891

Trust: 1.0

sources: CNVD: CNVD-2025-27900 // NVD: CVE-2025-12596

SOURCES

db:CNVDid:CNVD-2025-27900
db:NVDid:CVE-2025-12596

LAST UPDATE DATE

2025-11-18T15:38:31.735000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-27900date:2025-11-14T00:00:00
db:NVDid:CVE-2025-12596date:2025-11-05T15:55:16.150

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-27900date:2025-11-14T00:00:00
db:NVDid:CVE-2025-12596date:2025-11-02T11:15:35.373