Tenda AC18 setPptpUserList formSetPPTPUserList buffer overflow

June 4, 2025 invoker category_cve

CVE Details

Basic Information

Title Tenda AC18 setPptpUserList formSetPPTPUserList buffer overflow
Type cve
Published 2025-06-04T19:31:07.808Z
Last Seen

Product Information

Vendor Tenda
Product AC18
Version 15.03.05.05

CVSS Information

Base Score 8.7 (HIGH)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Confidentiality Impact
Integrity Impact
Availability Impact

AI Analysis

AI Description A critical buffer overflow vulnerability in Tenda AC18 router’s setPptpUserList function allows remote attackers to cause a buffer overflow, potentially leading to system compromise. The vulnerability is highly severe and has a public exploit available.
AI Severity Critical
Vendor Tenda
Product Tenda AC18
Affected Version 15.03.05.05

Additional Information

CVE List
CWE List CWE-120, CWE-119
Bulletin Family
Source Data Tenda AC18 15.03.05.05

Source Information

Source Data Tenda AC18 15.03.05.05
Source Link

Description

A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS Score Summary

Base Score: 8.7 (HIGH)

View Full CVE Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.