CVE-2025-12611 | Tenda AC21 16.03.08.16 /goform/SetPptpServerCfg formSetPPTPServer startIp buffer overflow

November 2, 2025 Yanac

A vulnerability, which was classified as critical, has been found in Tenda AC21 16.03.08.16. This vulnerability affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to buffer overflow.

This vulnerability is referenced as CVE-2025-12611. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More