CVE-2025-15218 | Tenda AC10U 15.03.06.48/15.03.06.49 POST Request Parameter /goform/AdvSetLanip fromadvsetlanip lanMask buffer overflow

Inserito da Angelo Barbosa | Dic 28, 2025 | CVE

A vulnerability described as critical has been identified in Tenda AC10U 15.03.06.48/15.03.06.49. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Parameter Handler. Executing manipulation of the argument lanMask can lead to buffer overflow.

This vulnerability is tracked as CVE-2025-15218. The attack can be launched remotely. Moreover, an exploit is present.

CVE-2025-15218 | Tenda AC10U 15.03.06.48/15.03.06.49 POST Request Parameter /goform/AdvSetLanip fromadvsetlanip lanMask buffer overflow

Post correlati

CVE-2025-25776 | Codeastro Bus Ticket Booking System 1.0 User Registration Full Name/Address cross site scripting

CVE-2024-9048 | y_project RuoYi up to 4.7.9 Backend User Import SysUserServiceImpl.java SysUserServiceImpl loginName cross site scripting (IAR6Q3)

CVE-2024-23152 | Autodesk AutoCAD 3DM File Parser out-of-bounds

CVE-2024-50056 | Linux Kernel up to 6.11.3 uvc_v4l2.c ERR_PTR null pointer dereference (cedeb36c3ff4/a7bb96b18864)