Primary

Context

Tenda AC18 Stack Overflow Vulnerability in AdvSetMacMtuWan Function

Vulnerability

A stack overflow vulnerability has been identified in the Tenda AC18 router, specifically in version 15.03.05.19. The issue arises in the AdvSetMacMtuWan function, where the wanMTU parameter can be manipulated by the user. This parameter is passed to a strcpy function, leading to the buffer overflow.

Impact

Exploitation of this vulnerability causes a stack overflow, which can potentially be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the device.

Reproduction

To reproduce this vulnerability, send a POST request to the /goform/AdvSetMacMtuWan endpoint. Include a payload in the wanMTU parameter that is large enough to overflow the buffer, such as a string of repeated characters. The request can be made with a cookie that contains a password value.

Added: Oct 2, 2025, 5:17 PM

Updated: Oct 2, 2025, 8:21 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenda AC18 Stack Overflow Vulnerability in AdvSetMacMtuWan Function

Vulnerability

Impact

Reproduction

Affected Products

Tenda AC18

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating