CVE-2026-1420

A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapskcrypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used...

PT-2026-4723

Name of the Vulnerable Software and Affected Versions Tenda AC23 version 16.03.07.52 Description A buffer overflow flaw exists in the Tenda AC23 router. The issue is due to the manipulation of the wpapsk crypto argument within the /goform/WifiExtraSet file. This allows for remote exploitation. Th...

CVE-2025-15217

A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely...

CVE-2025-15216

A vulnerability was identified in Tenda AC23 16.03.07.52. This impacts the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument bindnum leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available an...

CVE-2025-15217

A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely...

Tenda AC23 安全漏洞

Tenda AC23 is a dual-band gigabit wireless router from Tenda China. A security vulnerability exists in Tenda AC23 version 16.03.07.52, which stems from an incorrect manipulation of the parameter list and could result in a buffer overflow...

Tenda AC23 安全漏洞

Tenda AC23 is a dual-band gigabit wireless router from Tenda China. A security vulnerability exists in Tenda AC23 version 16.03.07.52, which stems from an incorrect operation of the parameter bindnum in the file /goform/SetIpMacBind, which could result in a stack-based buffer overflow...

PT-2025-53838

Name of the Vulnerable Software and Affected Versions Tenda AC23 version 16.03.07.52 Description A security issue exists in the Tenda AC23 router. The formSetPPTPUserList function within the HTTP POST Request Handler component is susceptible to a buffer overflow when the argument list is...

PT-2025-53837

Name of the Vulnerable Software and Affected Versions Tenda AC23 version 16.03.07.52 Description A flaw exists in Tenda AC23 version 16.03.07.52 that allows for remote stack-based buffer overflow. The issue is located within the fromSetIpMacBind function in the /goform/SetIpMacBind file...

CVE-2025-12596

A security vulnerability has been detected in Tenda AC23 16.03.07.52. Affected is the function saveParentControlInfo of the file /goform/saveParentControlInfo. Such manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been...

Exploit for CVE-2025-12596

Lab: CVE-2025-12596 - Buffer Overflow in Tenda AC23 Router...

EUVD-2025-37442

A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCfg. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the...

CVE-2025-12595

A weakness has been identified in Tenda AC23 16.03.07.52. This impacts the function formSetVirtualSer of the file /goform/SetVirtualServerCfg. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the...

CVE-2025-11356

A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and coul...

CVE-2025-11356

CVE-2025-11356 affects Tenda AC23 (pre-16.03.07.52). The vulnerability is in sscanf within /goform/SetStaticRouteCfg, where input length validation allows a buffer overflow, enabling remote exploitation. Public exploits exist. Remedies include upgrading to a version newer than 16.03.07.52 (per PT...

Tenda AC23 Buffer Overflow Vulnerability

Tenda AC23 is a high performance wireless router from Tenda Technology. A buffer overflow vulnerability exists in Tenda AC23 version 16.03.07.52, which originates from the mishandling of the deviceList parameter in the sub46C940 function in the httpd component/goform/setMacFilterCfg file. An...

Tenda AC23 安全漏洞

Tenda AC23 is a high performance wireless router from Tenda Technology. A buffer overflow vulnerability exists in Tenda AC23 version 16.03.07.52, which originates from the mishandling of the deviceList parameter in the sub46C940 function in the httpd component/goform/setMacFilterCfg file. An...