CVE-2025-11324
BaseFortify
Publication date: 2025-10-06
Last updated on: 2025-10-07
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac18_firmware | 15.03.05.19\(6318\) |
| tenda | ac18 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in the Tenda AC18 router firmware version 15.03.05.19(6318). It occurs in the handling of the 'newVersion' parameter within the '/goform/setNotUpgrade' endpoint. Improper bounds checking allows an attacker to overflow the stack by sending crafted input to this parameter. This flaw can be exploited remotely without local access, potentially leading to arbitrary code execution or denial of service on the affected device. [1, 2]
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to severe impacts including arbitrary code execution, which allows an attacker to run malicious code on the device, and denial of service, which can disrupt the normal operation of the router. Since the attack can be performed remotely and easily, it poses a high risk to the confidentiality, integrity, and availability of the affected device and the network it supports. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by monitoring network traffic for requests to the vulnerable endpoint '/goform/setNotUpgrade' with suspicious or unusually long 'newVersion' parameter values that may indicate an attempt to exploit the stack-based buffer overflow. Specific commands are not provided in the resources, but network traffic inspection tools like tcpdump or Wireshark can be used to filter HTTP requests to '/goform/setNotUpgrade'. For example, using tcpdump: tcpdump -A -s 0 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and then searching for '/goform/setNotUpgrade' in the captured data. Additionally, IDS/IPS systems can be configured to alert on such patterns if signatures are available. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda AC18 device running firmware version 15.03.05.19(6318) with an alternative product, as no known mitigations or patches are reported. Additionally, restricting remote access to the device, disabling remote management if possible, and implementing network-level protections such as firewall rules to block access to the '/goform/setNotUpgrade' endpoint can help reduce exposure until the device is replaced. [2]