216.73.217.64

CVE-2025-13258

· Published 17/11/2025 03:15 · Modified 19/11/2025 13:15

Labels: CVE-2025-13258 2025-11-17CVE-2025-13258CWE-119[email protected]

Essential information

Published
17/11/2025 03:15
Modified
19/11/2025 13:15
Author
Creator
CVSS
7.4 HIGH (v3) 7.4 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
tenda / ac20 firmware cpe:2.3:o:tenda:ac20_firmware:16.03.08.12:*:*:*:*:*:*:*
tenda / ac20 cpe:2.3:h:tenda:ac20:-:*:*:*:*:*:*:*

References