CVE-2025-15046 | Tenda WH450 1.0.0.18 HTTP Request /goform/PPTPClient netmsk stack-based overflow

December 23, 2025 Yanac

A vulnerability, which was classified as critical, was found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow.

This vulnerability is referenced as CVE-2025-15046. It is possible to launch the attack remotely. Furthermore, an exploit is available.VulDB Recent EntriesRead More