EUVD-2025-204665

A vulnerability was detected in Tenda AC18 15.03.05.05. This affects the function sprintf of the file /goform/SetDlnaCfg of the component HTTP Request Handler. The manipulation of the argument scanList results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now...

PT-2025-52552

Name of the Vulnerable Software and Affected Versions Tenda AC18 version 15.03.05.05 Description A flaw exists in the Tenda AC18 router that could allow for remote attacks. The issue is related to the sprintf function within the HTTP Request Handler component, specifically in the file...

PT-2025-53536

Уязвимость функции sprintf микропрограммного обеспечения маршрутизаторов Tenda AC18 связана с выходом операции за границы буфера в памяти при обработке параметра scanList. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код или вызвать отказ в...

PT-2024-7539 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 Description: A critical vulnerability has been found in the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to a stack-based buffer overflow. This issue can be...

CVE-2024-32018 Ineffective size check due to assert() and buffer overflow in RIOT

RIOT is a real-time multi-threading operating system that supports a range of devices that are typically 8-bit, 16-bit and 32-bit microcontrollers. Most codebases define assertion macros which compile to a no-op on non-debug builds. If assertions are the only line of defense against untrusted...