Primary

Context

Tenda AC15 Stack-Based Buffer Overflow Vulnerability in QoS Management Function

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the Tenda AC15 router running firmware version 15.03.05.18. The issue arises in the QoS management function, specifically within the file '/goform/saveAutoQos'. The vulnerability can be exploited remotely by manipulating the 'enable' parameter, leading to potential denial-of-service or arbitrary code execution.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can lead to a device crash or, depending on the presence of mitigations, arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/goform/saveAutoQos' with an oversized 'enable' parameter. This input is not properly validated, allowing for a stack overflow when the data is copied into a fixed-size buffer. After the overflow is triggered, the '/goform/getAdvanceStatus' endpoint can be accessed to complete the exploitation process.

Added: Oct 7, 2025, 12:19 PM

Updated: Oct 7, 2025, 12:19 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

7.5

exploitability

4.6

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

7.5

exploitability

4.6

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC15 Stack-Based Buffer Overflow Vulnerability in QoS Management Function

Vulnerability

Impact

Reproduction

Affected Products

Tenda AC15

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating