CVE-2025-14993 | Tenda AC18 15.03.05.05 HTTP Request /goform/SetDlnaCfg sprintf scanList stack-based overflow

Inserito da Angelo Barbosa | Dic 20, 2025 | CVE

A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This affects the function sprintf of the file /goform/SetDlnaCfg of the component HTTP Request Handler. The manipulation of the argument scanList results in stack-based buffer overflow.

This vulnerability is identified as CVE-2025-14993. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2025-14993 | Tenda AC18 15.03.05.05 HTTP Request /goform/SetDlnaCfg sprintf scanList stack-based overflow

Post correlati

CVE-2025-8830 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/setWan sub_3517C Hostname os command injection

CVE-2024-8785 | Progress WhatsUp Gold up to 2024.0.0 NmAPI.exe incorrect privileged apis

CVE-2024-8533 | Rockwell Automation 2800C OptixPanel Compact 4.0.0.325 privileges management

CVE-2022-47894 | Apache Zeppelin SAP up to 0.10.x xml external entity reference