CVE-2025-45779CRITICAL 9.8EPSS p90.9%

CVE-2025-45779CVE-2025-45779

Description

Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS4.87% probability of exploitation · percentile 90.9% · 2026-06-19T12:03:05Z
Published2025-05-12
Last modified2025-06-13

Underlying weaknesses· 1

CWE-120

References

  1. https://github.com/sunyou-iot/iot-vul/blob/main/TendaAC10/CVE-2025-45779/README.md
  2. https://www.tendacn.com/us/download/detail-3782.html
  3. https://github.com/sunyou-iot/iot-vul/blob/main/TendaAC10/CVE-2025-45779/README.md

1

TypeTargetConfidenceTier
WeaknessBuffer Copy without Checking Size of Input ('Classic Buffer Overflow')cwe-1200%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-15215
CVE
CVE-2025-5848
CVE
CVE-2025-15217
CVE
CVE-2025-5794
CVE
CVE-2025-5862
CVE
CVE-2025-5607
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.