The Tenda AC18 is a router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda AC18 version V15.03.05.05, which originates from the password parameter of the R7WebsSecurityHandler function that fails to correctly validate the length of the input data, and can be exploited by a remote attacker to execute arbitrary code on the system or cause a denial of service attack.