Tenda AC18 Stack Overflow Vulnerability in funcSetCfm Function

Vulnerability

A stack overflow vulnerability has been identified in the Tenda AC18 router, specifically in version V15.03.05.19. The issue arises in the formSetCfm function, where the funcpara1 parameter is improperly handled, leading to the overflow.

Impact

Exploitation of this vulnerability causes a stack overflow, which can potentially be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

7.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC18 Stack Overflow Vulnerability in funcSetCfm Function

Vulnerability

Impact

Affected Products

Tenda AC18

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating