Stack Overflow Vulnerability in Tenda AC18 Router
CVE-2024-57582

9.8CRITICAL

Key Information:

Vendor: Tenda
Status: Tenda AC18
Vendor: CVE Published:; 16 January 2025

Summary

A stack overflow vulnerability has been identified in the Tenda AC18 router, specifically found in the formSetPPTPServer function through the startIP parameter. This flaw poses significant risks to the integrity of the device and can potentially allow for arbitrary code execution, compromising the security of the affected network.

References

https://github.com/qijiale/Tenda/tree/main/9

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 16, 2025
Vulnerability Reserved
Jan 9, 2025