Buffer Overflow in Tenda AC18 Router Affecting Remote User Management
CVE-2025-5607
Key Information:
Badges
What is CVE-2025-5607?
A buffer overflow vulnerability in the Tenda AC18 router affects its remote user management functionality. This flaw in the formSetPPTPUserList method allows the manipulation of input arguments, potentially enabling attackers to execute arbitrary code. With the exploit publicly disclosed, it poses a significant risk to network security, highlighting the need for immediate updates and security practices to safeguard devices against unauthorized access.
Affected Version(s)
AC18 15.03.05.05
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved