VYPR
Unrated severityNVD Advisory· Published Oct 7, 2025· Updated Feb 24, 2026

Tenda AC15 POST Parameter SetDDNSCfg stack-based overflow

CVE-2025-11386

Description

A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.