CVE-2025-4368 – Tenda AC8 Buffer Overflow Vulnerability

May 6, 2025

CVE ID : CVE-2025-4368

Published : May 6, 2025, 4:15 p.m. | 3 hours, 19 minutes ago

Description : A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4384 – PcVue MQTT Certificate Validation Bypass

Next Article CVE-2025-4363 – iSourcecode Gym Management System SQL Injection Vulnerability

Highlights

CVE-2025-37815 – “Microchip PCI1xxxx Linux Kernel IRQ Handler Registration Vulnerability”

May 8, 2025

CVE ID : CVE-2025-37815

Published : May 8, 2025, 7:15 a.m. | 58 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration

Resolve kernel panic while accessing IRQ handler associated with the
generated IRQ. This is done by acquiring the spinlock and storing the
current interrupt state before handling the interrupt request using
generic_handle_irq.

A previous fix patch was submitted where ‘generic_handle_irq’ was
replaced with ‘handle_nested_irq’. However, this change also causes
the kernel panic where after determining which GPIO triggered the
interrupt and attempting to call handle_nested_irq with the mapped
IRQ number, leads to a failure in locating the registered handler.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-4368 – Tenda AC8 Buffer Overflow Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Kothay App: The New Sales Tracking & Management Software in a Very Affordable Price

I traveled 13,528 miles with these Snapdragon-powered laptops — Three key things make them ideal for trips

GameStop’s $500 Million Bitcoin Investment: A Strategic Leap into the Future

CVE-2025-47762 – Apple iOS Unvalidated Redirect

CVE-2025-37815 – “Microchip PCI1xxxx Linux Kernel IRQ Handler Registration Vulnerability”

CVE-2025-4069 – Code-projects Product Management System Stack-Based Buffer Overflow

OpenIndiana is a community supported illumos-based operating system

CVE-2025-43847 – VITS Voice Changing Framework Remote Code Execution

CVE-2025-4368 – Tenda AC8 Buffer Overflow Vulnerability

Related Posts