Tenda AC7 Stack-Based Buffer Overflow Vulnerability in Firmware 15.03.06.44

Vulnerability

A stack-based buffer overflow has been identified in the Tenda AC7 router, firmware version 15.03.06.44. The issue is in the POST /goform/setNotUpgrade interface, where the newVersion parameter is processed without validating its length. An excessively long string in this parameter overflows the stack buffer, which can lead to remote code execution or a device crash.

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow, which can result in a device crash or allow for remote code execution.

Reproduction

To reproduce this vulnerability, send a POST request to the /goform/setNotUpgrade endpoint with the action parameter set to 1 and a malicious payload in the newVersion parameter that exceeds the expected length. After the payload is accepted, the vulnerability can be triggered by sending a POST request to /goform/GetRouterStatus, which will process the overflowed buffer and execute the exploit.
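The two-step sequence above can be watched for at a proxy or IDS in front of the router's management interface. The following detection sketch is an added example, not part of the original advisory or any vendor code. The length threshold, the record layout and the sample traffic are assumptions, since the advisory does not state the real buffer size.

```python
from urllib.parse import parse_qs

# Assumption: the advisory gives no buffer size; 64 is a chosen alert threshold.
MAX_NEWVERSION_LEN = 64
SET_PATH = "/goform/setNotUpgrade"        # endpoint that accepts newVersion
TRIGGER_PATH = "/goform/GetRouterStatus"  # endpoint that later processes it


def scan(requests):
    """Return (source, reason) alerts for the store-then-trigger pattern.

    `requests` is an ordered iterable of (source, method, path, body) records,
    a hypothetical layout for what a proxy or IDS would hand over.
    """
    alerts = []
    pending = None  # source of the last oversized newVersion not yet followed up
    for src, method, path, body in requests:
        if method != "POST":
            continue
        path = path.split("?", 1)[0]  # ignore any query string
        if path == SET_PATH:
            fields = parse_qs(body, keep_blank_values=True)
            for value in fields.get("newVersion", []):
                if len(value) > MAX_NEWVERSION_LEN:
                    alerts.append((src, f"oversized newVersion ({len(value)} chars)"))
                    pending = src
        elif path == TRIGGER_PATH and pending is not None:
            # The stored value is read back here, so flag the first status
            # request after an oversized store, whichever client sends it.
            alerts.append((src, f"GetRouterStatus after oversized newVersion from {pending}"))
            pending = None
    return alerts


# Constructed sample traffic (documentation address ranges, not real captures).
SAMPLE = [
    ("192.0.2.10", "POST", "/goform/setNotUpgrade", "action=1&newVersion=15.03.06.50"),
    ("192.0.2.10", "POST", "/goform/GetRouterStatus", ""),
    ("198.51.100.7", "POST", "/goform/setNotUpgrade", "action=1&newVersion=" + "A" * 600),
    ("198.51.100.7", "POST", "/goform/GetRouterStatus", ""),
]

if __name__ == "__main__":
    for src, reason in scan(SAMPLE):
        print(src, reason)
```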

Added: Oct 10, 2025, 9:17 PM
Updated: Oct 10, 2025, 9:17 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 7.5
exploitability: 9.1
remediation: 8.3
relevance: 0.7
threat: 6.4
urgency: 2.9
incentive: 9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.