CVE-2025-11328 – Tenda AC18 SetDDNSCfg stack-based overflow

CVE ID : CVE-2025-11328

Published : Oct. 6, 2025, 9:15 a.m. | 1 hour, 17 minutes ago

Description : A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This issue affects some unknown processing of the file /goform/SetDDNSCfg. The manipulation of the argument ddnsEn results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…