CVE-2025-15046

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

More information : https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_WH450/PPTPClient/PPTPClient.md