Lucene search
K

CVE-2025-8940

🗓️ 14 Aug 2025 05:32:11Reported by VulDBType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 23 Views🌐 WEB

Remote buffer overflow in Tenda AC20 via strcpy in /goform/saveParentControlInfo from Time argument.

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the strcpy function in the microprogramming software for Tenda AC20 allows a hacker to cause a service failure.
12 Sep 202500:00
bdu_fstec
Circl
CVE-2025-8940
13 Aug 202513:03
circl
CNNVD
Tenda AC20 安全漏洞
14 Aug 202500:00
cnnvd
CNVD
Tenda AC20 Buffer Overflow Vulnerability (CNVD-2025-19580)
20 Aug 202500:00
cnvd
Cvelist
CVE-2025-8940 Tenda AC20 saveParentControlInfo strcpy buffer overflow
14 Aug 202505:32
cvelist
EUVD
EUVD-2025-24670
3 Oct 202520:07
euvd
NVD
CVE-2025-8940
14 Aug 202506:15
nvd
OSV
CVE-2025-8940
14 Aug 202506:15
osv
Positive Technologies
PT-2025-33124 · Tenda · Tenda Ac20
14 Aug 202500:00
ptsecurity
RedhatCVE
CVE-2025-8940
16 Aug 202506:11
redhatcve
Rows per page
NVD
Vulners
Node
tendaac20_firmwareRange16.03.08.016.03.08.12
AND
tendaac20Match-
[
  {
    "vendor": "Tenda",
    "product": "AC20",
    "versions": [
      {
        "version": "16.03.08.0",
        "status": "affected"
      },
      {
        "version": "16.03.08.1",
        "status": "affected"
      },
      {
        "version": "16.03.08.2",
        "status": "affected"
      },
      {
        "version": "16.03.08.3",
        "status": "affected"
      },
      {
        "version": "16.03.08.4",
        "status": "affected"
      },
      {
        "version": "16.03.08.5",
        "status": "affected"
      },
      {
        "version": "16.03.08.6",
        "status": "affected"
      },
      {
        "version": "16.03.08.7",
        "status": "affected"
      },
      {
        "version": "16.03.08.8",
        "status": "affected"
      },
      {
        "version": "16.03.08.9",
        "status": "affected"
      },
      {
        "version": "16.03.08.10",
        "status": "affected"
      },
      {
        "version": "16.03.08.11",
        "status": "affected"
      },
      {
        "version": "16.03.08.12",
        "status": "affected"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
Timerequest body/goform/saveParentControlInfoBuffer overflow via manipulated Time argument in saveParentControlInfo (remote exploit announced).CWE-119CWE-120

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 10:07Current
7.3High risk
Vulners AI Score7.3
CVSS 48.7
CVSS 3.18.8
CVSS 29
CVSS 38.8
EPSS0.0078
SSVC
23