CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-11388

A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts an unknown function of the file /goform/setNotUpgrade. Such manipulation of the argument newVersion leads to stack-based buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC15/setNotUpgrade.md
https://vuldb.com/?ctiid.327315
https://vuldb.com/?id.327315
https://vuldb.com/?submit.664974
https://www.tenda.com.cn/

Products affected by CVE-2025-11388

Tenda » Ac15 » Version: N/A

cpe:2.3:h:tenda:ac15:-
Tenda » Ac15 Firmware » Version: 15.03.05.18

cpe:2.3:o:tenda:ac15_firmware:15.03.05.18

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-11388

Products

Pricing

Contact Us