CVE-2025-15215
Remote Buffer Overflow in Tenda AC10U HTTP POST Handler
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac10u | 15.03.06.48 |
| tenda | ac10u | 15.03.06.49 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Tenda AC10U router firmware versions 15.03.06.48 and 15.03.06.49, specifically in the function formSetPPTPUserList within the HTTP POST Request Handler. It involves manipulation of the argument list that causes a buffer overflow, which can be exploited remotely. This means an attacker can send specially crafted requests to the device to trigger this overflow.
How can this vulnerability impact me? :
The vulnerability can allow a remote attacker to exploit the buffer overflow, potentially leading to unauthorized actions such as executing arbitrary code, causing denial of service, or compromising the device's integrity and availability. This can result in loss of control over the device and disruption of network services.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by monitoring HTTP POST requests to the endpoint /goform/setPptpUserList on Tenda AC10U devices running vulnerable firmware versions 15.03.06.48 or 15.03.06.49. Specifically, look for unusually large or malformed 'list' parameters in POST requests that could trigger the buffer overflow. Network intrusion detection systems (NIDS) can be configured to alert on such POST requests. However, no specific detection commands or signatures are provided in the available resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda AC10U device or upgrading its firmware to a version that is not vulnerable, if available. Since no known countermeasures or mitigations currently exist for this vulnerability, avoiding exposure by removing the device from the network or restricting access to the /goform/setPptpUserList endpoint is recommended. Monitoring for exploit attempts and applying network-level protections may also help reduce risk. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.