Tenda W18E Stack Overflow Vulnerability in Web Management Portal Allowing Denial-of-Service and Potential Arbitrary Code Execution

Vulnerability

A stack overflow vulnerability has been identified in the Tenda W18E router, specifically in version V16.01.0.8(1625). This vulnerability resides within the web management portal, where improper input validation in the delFacebookPic function allows authenticated remote attackers to cause a denial-of-service condition or potentially execute arbitrary code.

Impact

Exploitation of this vulnerability can lead to a stack overflow, causing a denial-of-service condition or allowing for arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda W18E Stack Overflow Vulnerability in Web Management Portal Allowing Denial-of-Service and Potential Arbitrary Code Execution

Vulnerability

Impact

Affected Products

Tenda W18E

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating