CVE-2025-11385
Published: 07 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11385 is a buffer overflow vulnerability affecting Tenda AC20 routers up to version 16.03.08.12. The issue resides in the sscanf function within the /goform/fast_setting_wifi_set file, where manipulation of the timeZone argument triggers the overflow. Published on 2025-10-07, it is associated with CWE-119 and CWE-120.
The vulnerability enables remote exploitation with low complexity (AC:L), requiring low privileges (PR:L) but no user interaction (UI:N) and no change in scope (S:U). Attackers can achieve high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H), as reflected in its CVSS v3.1 base score of 8.8, potentially allowing arbitrary code execution or denial of service.
References point to a GitHub repository containing a proof-of-concept exploit and VulDB entries documenting the vulnerability. The exploit has been publicly disclosed and may be used by attackers. No specific patch or mitigation details are provided in the available information.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Buffer overflow in the public-facing web interface (/goform/fast_setting_wifi_set) via remote timeZone parameter manipulation enables exploitation of public-facing applications for unauthenticated remote code execution.