exploitDog

CVE-2025-45428

Опубликовано: 23 апр. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

Ссылки

https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/SetSysAutoRebbotCfg-rebootTime.md
Exploit
Third Party Advisory
https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/SetSysAutoRebbotCfg-rebootTime.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tenda:ac9_firmware:15.03.05.14_multi:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00846

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-121

Связанные уязвимости

GHSA-jqqv-g9pc-97qc

CVSS3: 9.8

github

10 месяцев назад

In Tenda ac9 v1.0 with firmware V15.03.05.14_multi, the rebootTime parameter of /goform/SetSysAutoRebbotCfg has a stack overflow vulnerability, which can lead to remote arbitrary code execution.

EPSS

Процентиль: 74%

0.00846

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-121