Tenda AC18 Stack Overflow Vulnerability in PPTP Server Configuration

Vulnerability

A stack overflow vulnerability has been identified in the Tenda AC18 router, specifically in version V15.03.05.19. The issue arises in the formSetPPTPServer function, where the startIP parameter is improperly handled, leading to the overflow.

Impact

Exploitation of this vulnerability causes a stack overflow, which can potentially be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

8.4

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

8.4

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC18 Stack Overflow Vulnerability in PPTP Server Configuration

Vulnerability

Impact

Affected Products

Tenda AC18

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating