| Title | Tenda AC23 AC23 V16.03.07.52 Buffer Overflow |
|---|
| Description | The Tenda AC23 V16.03.07.52 firmware has a buffer overflow vulnerability in the formSetPPTPUserList function. The Var variable receives the list parameter from a POST request and is later passed to the strspy function. |
|---|
| Source | ⚠️ https://lavender-bicycle-a5a.notion.site/Tenda-AC23-formSetPPTPUserList-2d753a41781f8091b772cf9e66a687f1?source=copy_link |
|---|
| User | wxhwxhwxh_tutu (UID 65923) |
|---|
| Submission | 12/28/2025 13:52 (5 months ago) |
|---|
| Moderation | 12/28/2025 16:37 (3 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 338602 [Tenda AC23 16.03.07.52 HTTP POST Request formSetPPTPUserList list buffer overflow] |
|---|
| Points | 14 |
|---|