- Description
- A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
- Products
- ac10u_firmware
CVSS 4.0
- Type
- Secondary
- Base score
- 7.4
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
- cna@vuldb.com
- CWE-119
- Hype score
- Not currently trending
CVE-2025-15215 (CVSS:7.4, HIGH) is Analyzed. A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of ..https://t.co/YCUA82cmH1 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
4 Jan 2026
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-15215 A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the compon… https://t.co/t1YwXgqJFn
@CVEnew
30 Dec 2025
160 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-15215: HIGH] Cyber security alert: Vulnerability found in Tenda AC10U 15.03.06.48/15.03.06.49 allows remote attackers to trigger buffer overflow via manipulation of function arguments. Action advised.#cve,CVE-2025-15215,#cybersecurity https://t.co/vuaNspYmIi https://t.c
@CveFindCom
30 Dec 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tenda:ac10u_firmware:15.03.06.48:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2AFD04-833D-4085-BAD6-32A2715FA785",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tenda:ac10u:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D74EB31-E01D-439E-AAEC-BF0D4965A097",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tenda:ac10u_firmware:15.03.06.49:*:*:*:*:*:*:*",
"matchCriteriaId": "0F101E88-BEA9-4017-9048-860DF3D1BBBC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tenda:ac10u:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D74EB31-E01D-439E-AAEC-BF0D4965A097",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
]