CVE-2025-0848 | Tenda A18 up to 15.13.07.09 HTTP POST Request /goform/SetCmdlineRun wpapsk_crypto5g stack-based overflow

Inserito da Angelo Barbosa | Gen 29, 2025 | CVE

A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow.

The identification of this vulnerability is CVE-2025-0848. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-0848 | Tenda A18 up to 15.13.07.09 HTTP POST Request /goform/SetCmdlineRun wpapsk_crypto5g stack-based overflow

Post correlati

CVE-2024-11311 | TRCore DVC up to 6.3 path traversal

CVE-2024-7686 | SourceCodester Kortex Lite Advocate Office Management System 1.0 register_case.php title/description/opposite_lawyer cross site scripting

CVE-2024-32573 | WP Lab WP-Lister Lite for eBay Plugin up to 3.5.11 on WordPress cross site scripting

CVE-2024-37288 | Elastic Kibana 8.15.0 YAML Parser deserialization