Primary

Context

Tenda AC18 Stack Overflow Vulnerability in AdvSetMacMtuWan Function

Vulnerability

A stack overflow vulnerability has been identified in the Tenda AC18 router, specifically in version V15.03.05.19. The issue arises in the 'AdvSetMacMtuWan' function, where the 'cloneType' parameter can be manipulated by the user. This parameter is passed to 'strcpy', creating a buffer overflow condition.

Impact

Exploitation of this vulnerability leads to a stack overflow, causing a segmentation fault on the router.

Reproduction

To reproduce this vulnerability, send a POST request to the '/goform/AdvSetMacMtuWan' endpoint. Include a payload in the 'cloneType' parameter that is large enough to overflow the buffer, such as a string of repeated characters. The request should also include a cookie with the password 'vhlcvb'.

Added: Oct 2, 2025, 5:18 PM

Updated: Oct 2, 2025, 8:22 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.7

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC18 Stack Overflow Vulnerability in AdvSetMacMtuWan Function

Vulnerability

Impact

Reproduction

Affected Products

Tenda AC18

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating