CVE-2025-1814 | Tenda AC6 15.03.05.16 /goform/WifiExtraSet wpapsk_crypto stack-based overflow

Inserito da Angelo Barbosa | Mar 1, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.

This vulnerability is handled as CVE-2025-1814. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-1814 | Tenda AC6 15.03.05.16 /goform/WifiExtraSet wpapsk_crypto stack-based overflow

Post correlati

CVE-2024-20350 | Cisco Digital Network Architecture Center up to 2.3.7.4-AIRGAP-MDNAC SSH Host Key hard-coded key (cisco-sa-dnac-ssh-e4uOdASj)

CVE-2023-38042 | Ivanti Secure Access Client up to 22.7 on Windows Local Privilege Escalation

CVE-2024-3875 | Tenda F1202 1.2.0.20(408) /goform/Natlimit fromNatlimit page stack-based overflow

CVE-2024-50386 | Apache CloudStack up to 4.18.2.4/4.19.1.2 access control