漏洞关键信息 Title: Tenda AC10U AC10U v1.0 Firmware V15.03.06.48, AC10U v1.0 Firmware V15.03.06.49 Buffer Overflow Description: - Vulnerability: Buffer overflow in the formSetPPTPUserList function. - Details: The Var variable receives the list parameter from a POST request and is passed to the strcpy function. If the user can control the input of the list, and the length of V4 exceeds the limits of the destination buffer (~), it can cause a buffer overflow. Source: https://www.notion.so/Tenda-AC10U-setPptpUserList-2d753a41781f80e8ba6bc37ba6100343?pvs=73 User: yhyryhr_miemie (UID 65492) Submission Date: 12/28/2025 10:19 AM Moderation Date: 12/28/2025 02:20 PM Status: Accepted VulDB Entry: 338600 (Tenda AC10U 15.03.06.48/15.03.06.49 HTTP POST Request /goform/setPptpUserList formSetPPTPUserList list buffer overflow) Points: 17