Tenda AC18 Username Parameter Stack Buffer Overflow Vulnerability

Tenda AC18 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in July 2016, mainly for villas and large home users. Tenda AC18 has a stack buffer overflow vulnerability, which originates from the parameter Username in the file /goform/fastsettingpppoeset fails to...

CVE-2025-11527

A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fastsettingpppoeset. Executing a manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been public...

EUVD-2025-33262

A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fastsettingpppoeset. Executing manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publicly...

CVE-2025-11527 Tenda AC7 fast_setting_pppoe_set stack-based overflow

A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fastsettingpppoeset. Executing a manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been public...

CVE-2025-11527

A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fastsettingpppoeset. Executing a manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been public...

PT-2025-41333

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack-based buffer overflow can occur due to manipulation of the Password argument within the /goform/fast setting pppoe set file. This issue allows for remote exploitation. The exploit has been...

CVE-2025-11387

CVE-2025-11387 affects Tenda AC15 routers (AO: 15.03.05.18) via the function in /goform/fast_setting_pppoe_set. The vulnerability is a stack-based buffer overflow caused by manipulated Password input, and is exploitable remotely with a publicly disclosed exploit (PoC). Multiple sources corroborat...

CVE-2025-11387 Tenda AC15 fast_setting_pppoe_set stack-based overflow

A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fastsettingpppoeset. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may ...

PT-2025-40978

Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.18 Description A stack-based buffer overflow exists in Tenda AC15 routers. The issue is due to the manipulation of the Password argument within the file '/goform/fast setting pppoe set'. This can be exploited...

CVE-2025-11325 Tenda AC18 fast_setting_pppoe_set stack-based overflow

A security flaw has been discovered in Tenda AC18 15.03.05.196318. Affected by this issue is some unknown functionality of the file /goform/fastsettingpppoeset. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out...

CVE-2025-11325 Tenda AC18 fast_setting_pppoe_set stack-based overflow

A security flaw has been discovered in Tenda AC18 15.03.05.196318. Affected by this issue is some unknown functionality of the file /goform/fastsettingpppoeset. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out...

CVE-2025-11325

CVE-2025-11325 affects Tenda AC18 routers (firmware around 15.03.05.19(6318)). The vulnerability is a stack-based overflow in the /goform/fast_setting_pppoe_set handler triggered by manipulating the Username parameter. It is remotely exploitable, with public exploit code available. Impact include...