VYPR
Unrated severityNVD Advisory· Published Nov 10, 2025· Updated Nov 18, 2025

CVE-2025-63835

CVE-2025-63835

Description

A stack-based buffer overflow vulnerability was discovered in Tenda AC18 v15.03.05.05_multi. The vulnerability exists in the guestSsid parameter of the /goform/WifiGuestSet interface. Remote attackers can exploit this vulnerability by sending oversized data to the guestSsid parameter, leading to denial of service (device crash) or potential remote code execution.

Affected products

2
  • Tenda/AC18cpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 15.03.05.05_multi

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.