CVE-2025-14992 | Tenda AC18 15.03.05.05 HTTP Request GetParentControlInfo strcpy mac stack-based overflow

December 20, 2025 Yanac

A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. The impacted element is the function strcpy of the file /goform/GetParentControlInfo of the component HTTP Request Handler. The manipulation of the argument mac leads to stack-based buffer overflow.

This vulnerability is referenced as CVE-2025-14992. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More