CVE-2025-5850 – Tenda AC15 HTTP POST Request Handler Buffer Overflow Vulnerability

June 9, 2025

CVE ID : CVE-2025-5850

Published : June 8, 2025, 11:15 p.m. | 4 hours, 29 minutes ago

Description : A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5849 – Tenda AC15 HTTP POST Request Handler Stack-Based Buffer Overflow Vulnerability

Next Article CVE-2025-5848 – Tenda AC15 PPTP Buffer Overflow Vulnerability

Highlights

CVE-2025-5440 – Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 NTP Os Command Injection Vulnerability

June 2, 2025

CVE ID : CVE-2025-5440

Published : June 2, 2025, 10:15 a.m. | 1 hour, 7 minutes ago

Description : A vulnerability classified as critical has been found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function NTP of the file /goform/NTP. The manipulation of the argument manual_year_select/manual_month_select/manual_day_select/manual_hour_select/manual_min_select/manual_sec_select leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

EcoFlow’s new portable battery stations are lighter and more powerful (DC plug included)

7 ways Linux can save you money

My favorite Kindle tablet just got a kids model, and it makes so much sense

You can turn your Google Photos into video clips now – here’s how

Blade Service Injection: Direct Service Access in Laravel Templates

Blade Service Injection: Direct Service Access in Laravel Templates

This Week in Laravel: NativePHP Mobile and AI Guidelines from Spatie

Retrieve the Currently Executing Closure in PHP 8.5

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

How to Open Control Panel in Windows 11

How to Shut Down Windows 11

CVE-2025-5850 – Tenda AC15 HTTP POST Request Handler Buffer Overflow Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

Stream A Minecraft Movie at home right now (as long as you’re in the U.S.) and have your own “Chicken Jockey” moment whenever you like

CVE-2025-7208 – Plan9port X509 Heap Buffer Overflow Vulnerability

Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis

Cloudflare announces remote MCP server to reduce barriers to creating AI agents

CVE-2025-5440 – Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 NTP Os Command Injection Vulnerability

CVE-2025-4575 – OpenSSL -addreject Option Truncation Vulnerability

CVE-2025-47692 – ContentStudio Missing Authorization Vulnerability

CVE-2024-53621 – Tenda AC1206 Buffer Overflow Vulnerability

CVE-2025-5850 – Tenda AC15 HTTP POST Request Handler Buffer Overflow Vulnerability

Related Posts