CVE-2025-7586 – Tenda AC500 Stack-Based Buffer Overflow Vulnerability

July 14, 2025

CVE ID : CVE-2025-7586

Published : July 14, 2025, 8:15 a.m. | 9 hours, 29 minutes ago

Description : A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been declared as critical. Affected by this vulnerability is the function formSetAPCfg of the file /goform/setWtpData. The manipulation of the argument radio_2g_1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53689 – Apache Jackrabbit XXE Injection Vulnerability

Next Article CVE-2025-7574 – LB-LINK Web Interface Improper Authentication Vulnerability

Akka introduces platform for distributed agentic AI

Design Patterns For AI Interfaces

Amazon launches spec-driven AI IDE, Kiro

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

ChatGPT falls for another Windows license key scam — generating valid codes in a guessing game after a researcher “gives up”

Germany wants Google and Apple to ban China’s “illegal” DeepSeek AI — after it failed to comply with data protection laws

Microsoft’s extra year of free Windows 10 security updates feels like a last-minute snooze button — while groups like “The Restart Project” still want to help users

The Xbox Ally and Xbox Ally X prices may have leaked — and if true, it’s not as bad as I thought

The details of TC39’s last meeting

The details of TC39’s last meeting

Modern async iteration in JavaScript with Array.fromAsync()

Vite vs Webpack: A Guide to Choosing the Right Bundler

ChatGPT falls for another Windows license key scam — generating valid codes in a guessing game after a researcher “gives up”

ChatGPT falls for another Windows license key scam — generating valid codes in a guessing game after a researcher “gives up”

Germany wants Google and Apple to ban China’s “illegal” DeepSeek AI — after it failed to comply with data protection laws

Microsoft’s extra year of free Windows 10 security updates feels like a last-minute snooze button — while groups like “The Restart Project” still want to help users

CVE-2025-7586 – Tenda AC500 Stack-Based Buffer Overflow Vulnerability

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms

CVE-2025-46236 – Link Software LLC HTML Forms Stored Cross-site Scripting (XSS)

CVE-2025-27532 – “ctrlX OS Web Application Backup & Restore Authentication Bypass”

Natasha Lyonne to Direct AI-Powered Sci-Fi Film That Could Redefine Hollywood

CVE-2024-55595 – Cisco Webex Meeting Server Unvalidated Redirect

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-5836 – Tenda AC9 Command Injection Vulnerability

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles

CVE-2025-7586 – Tenda AC500 Stack-Based Buffer Overflow Vulnerability

Related Posts