CVE-2025-7586 – Tenda AC500 Stack-Based Buffer Overflow Vulnerability

July 14, 2025

CVE ID : CVE-2025-7586

Published : July 14, 2025, 8:15 a.m. | 9 hours, 29 minutes ago

Description : A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been declared as critical. Affected by this vulnerability is the function formSetAPCfg of the file /goform/setWtpData. The manipulation of the argument radio_2g_1 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53689 – Apache Jackrabbit XXE Injection Vulnerability

Next Article CVE-2025-7574 – LB-LINK Web Interface Improper Authentication Vulnerability

Highlights

CVE-2025-3794 – WordPress WPForms Stored Cross-Site Scripting Vulnerability

May 9, 2025

CVE ID : CVE-2025-3794

Published : May 9, 2025, 11:15 p.m. | 1 hour, 3 minutes ago

Description : The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the start_timestamp parameter in all versions up to, and including, 1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

August 2025: AI updates from the past month

This 3-in-1 charger has a retractable superpower that’s a must for travel

How a legacy hardware company reinvented itself in the AI age

The 13+ best Walmart Labor Day deals 2025: Sales on Apple, Samsung, LG, and more

You can save up to $700 on my favorite Bluetti power stations for Labor Day

Call for Speakers – JS Conf Armenia 2025

Call for Speakers – JS Conf Armenia 2025

Streamlining Application Automation with Laravel’s Task Scheduler

A Fluent Path Builder for PHP and Laravel

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

My Family Cinema not Working? 12 Quick Fixes

Super-linter – collection of linters and code analyzers

CVE-2025-7586 – Tenda AC500 Stack-Based Buffer Overflow Vulnerability

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

Project management apps are my top productivity hack – and these are my favorites on Linux

iOS 18.4 update draining your iPhone’s battery? Try these 6 fixes

CVE-2025-43857 – Net::IMAP Denial of Service Memory Exhaustion Vulnerability

extundelete recovers deleted files from ext3 or ext4 partitions

CVE-2025-3794 – WordPress WPForms Stored Cross-Site Scripting Vulnerability

Meta AI Introduces ReasonIR-8B: A Reasoning-Focused Retriever Optimized for Efficiency and RAG Performance

CVE-2024-13984 – QiAnXin TianQing Management Center RPTSVR Path Traversal Vulnerability

We still love jQuery

CVE-2025-7586 – Tenda AC500 Stack-Based Buffer Overflow Vulnerability

Related Posts