EUVD-2025-205852

🗓️ 30 Dec 2025 20:32:08Reported by EUVDType

Remote buffer overflow in Tenda AC20 up to 16.03.08.12 via PowerSaveSet parameters; exploit publicly disclosed.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-15356	30 Dec 202509:05	–	circl
CNNVD	Tenda AC20 安全漏洞	30 Dec 202500:00	–	cnnvd
CVE	CVE-2025-15356	30 Dec 202520:32	–	cve
Cvelist	CVE-2025-15356 Tenda AC20 PowerSaveSet sscanf buffer overflow	30 Dec 202520:32	–	cvelist
NVD	CVE-2025-15356	30 Dec 202521:15	–	nvd
OSV	CVE-2025-15356	30 Dec 202521:15	–	osv
Positive Technologies	PT-2025-54177	30 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-15356	31 Dec 202521:09	–	redhatcve
Vulnrichment	CVE-2025-15356 Tenda AC20 PowerSaveSet sscanf buffer overflow	30 Dec 202520:32	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "35cd52b0-99e2-30a5-98f6-61601b235bb2",
        "vendor": {
          "name": "Tenda"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0023bcde-a9c7-3673-8d46-4a1aba451409",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.11"
      },
      {
        "id": "016ceaf9-79c5-33fc-ae6d-9c90473e633a",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.6"
      },
      {
        "id": "0d10acc6-c36d-303e-9ac5-bd697a959af3",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.2"
      },
      {
        "id": "11aa6735-e8f0-3ef5-aa49-23a700ccc6c7",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.0"
      },
      {
        "id": "19224ff9-d381-3583-9591-86f736b337bb",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.5"
      },
      {
        "id": "1e91e3b8-fdb7-3e15-9666-871cccdb9696",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.7"
      },
      {
        "id": "244b1be9-2e81-38fb-8a44-a1ef6a46aeb7",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.4"
      },
      {
        "id": "2461ab3c-b57a-3643-9b4d-b66dbedf741e",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.10"
      },
      {
        "id": "43881200-7b34-3d1a-8394-0b7cd0fb996e",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.8"
      },
      {
        "id": "5ba99cdf-7293-31dc-b3b1-c30b9ad8867d",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.9"
      },
      {
        "id": "9a70f38d-32e1-36b2-9e4c-073c6c9397fe",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.12"
      },
      {
        "id": "ce75a67a-e9f7-3a02-96a8-494a33742248",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.1"
      },
      {
        "id": "ff49eaea-e521-33bb-ad19-3b0edeb4e363",
        "product": {
          "name": "AC20"
        },
        "product_version": "16.03.08.3"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/xyh4ck/iot_poc/tree/main/Tenda%20AC20_Buffer_Overflow
github	www.github.com/xyh4ck/iot_poc/blob/main/Tenda%20AC20_Buffer_Overflow/Tenda%20AC20_Buffer_Overflow.md
tenda	www.tenda.com.cn/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-15356

30 Dec 2025 21:31Current

6.8Medium risk

Vulners AI Score6.8

CVSS 48.7

CVSS 3.18.8

CVSS 29

CVSS 38.8

EPSS0.00485

SSVC