CVE-2025-57085CRITICAL 9.8EPSS p34.8%

CVE-2025-57085CVE-2025-57085

Description

Tenda W30E V16.01.0.19 (5037) was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.44% probability of exploitation · percentile 34.8% · 2026-06-18T12:00:27Z
Published2025-09-09
Last modified2025-09-17

Underlying weaknesses· 1

CWE-121

References

  1. https://github.com/vulnDetailRecord/VulforDevice/blob/main/Tenda/W30E/UploadCfg.md
  2. https://github.com/vulnDetailRecord/VulforDevice/blob/main/Tenda/W30E/UploadCfg.md

1

TypeTargetConfidenceTier
WeaknessStack-based Buffer Overflowcwe-1210%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-36770
CVE
CVE-2025-9791
CVE
CVE-2026-4567
CVE
CVE-2026-5155
CVE
CVE-2026-36777
CVE
CVE-2026-24115
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.