CVE-2025-14654 | Tenda AC20 16.03.08.12 httpd /goform/setPptpUserList formSetPPTPUserList list stack-based overflow

A vulnerability categorized as critical has been discovered in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow.

This vulnerability is documented as CVE-2025-14654. The attack can be executed remotely. Additionally, an exploit exists.VulDB Recent EntriesRead More