Stack Overflow Vulnerability in Tenda AC18 Firewall Configuration
CVE-2024-57581

9.8CRITICAL

Key Information:

Vendor
Tenda
Status
AC18
Vendor
CVE Published:
16 January 2025

Summary

The Tenda AC18 router has a security flaw due to a stack overflow in the formSetFirewallCfg function, triggered by malicious inputs in the firewallEn parameter. This vulnerability poses a risk of unauthorized code execution, potentially compromising the device's security and integrity. It is essential for users of Tenda AC18 version V15.03.05.19 to be aware of this issue and apply necessary mitigations to safeguard their systems.

References

https://github.com/qijiale/Tenda/tree/main/8

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.