Primary

Context

Tenda AC18 Stack Overflow Vulnerability in AdvSetMacMtuWan Function

Vulnerability

A stack overflow vulnerability has been identified in the Tenda AC18 router, specifically in version V15.03.05.19. The issue arises in the 'AdvSetMacMtuWan' function, where the 'mac' parameter can be manipulated. This parameter is passed to 'strcpy', creating a buffer overflow condition.

Impact

Exploitation of this vulnerability leads to a stack overflow, causing a segmentation fault on the router.

Reproduction

The vulnerability can be reproduced by sending a POST request to the '/goform/AdvSetMacMtuWan' endpoint. The request must include a crafted 'mac' parameter that exceeds the buffer size, such as a string of repeated characters. Additional parameters like 'wanMTU', 'wanSpeed', 'cloneType', 'wanMTU2', 'wanSpeed2', 'cloneType2', and 'mac2' can also be included, but are not necessary for the exploitation.

Added: Oct 2, 2025, 4:17 PM

Updated: Oct 2, 2025, 8:29 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC18 Stack Overflow Vulnerability in AdvSetMacMtuWan Function

Vulnerability

Impact

Reproduction

Affected Products

Tenda AC18

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating