Vulnerabilities

CVE-2025-11386

by Fred · 07/10/2025

A vulnerability was found in Tenda AC15 15.03.05.18. The impacted element is an unknown function of the file /goform/SetDDNSCfg of the component POST Parameter Handler. The manipulation of the argument ddnsEn results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.

More information : https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC15/SetDDNSCfg.md

Similar

Tags: Cybersecurity Alert