CVE-2026-24103
Buffer Overflow in Tenda AC15V1 goform/formSetMacFilterCfg
Publication date: 2026-03-03
Last updated on: 2026-03-05
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac15_firmware | 15.03.05.18_multi |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability is a buffer overflow found in the Tenda AC15 router firmware version V15.03.05.18_multi, specifically in the function handling the endpoint goform/formSetMacFilterCfg.
It occurs because user-supplied parameters are passed without proper input validation, allowing an attacker to send an excessively long deviceList string that overflows the buffer using the strcpy function.
This overflow happens due to lack of boundary checks on the input, which can be exploited by sending a crafted POST request to the vulnerable endpoint.
How can this vulnerability impact me? :
This buffer overflow vulnerability can allow an attacker to potentially execute arbitrary code or cause a denial of service on the affected Tenda AC15 router.
By exploiting the overflow, an attacker might gain control over the device or disrupt its normal operation, impacting network security and availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by sending a crafted POST request to the vulnerable endpoint on the Tenda AC15 router firmware version V15.03.05.18_multi. Specifically, the endpoint is /goform/setMacFilterCfg.'}, {'type': 'paragraph', 'content': 'A proof-of-concept method involves using a Python script with the requests library to send a POST request containing a specially crafted, overly long deviceList string designed to trigger the buffer overflow.'}, {'type': 'paragraph', 'content': "The POST request should include cookies with the password 'ssetgb' and POST data with macFilterType set to 'black' and the long deviceList parameter."}, {'type': 'paragraph', 'content': 'Example command using curl (adapted from the PoC concept):'}, {'type': 'list_item', 'content': 'curl -X POST http://192.168.1.1/goform/setMacFilterCfg -H "Cookie: password=ssetgb" -d "macFilterType=black&deviceList=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA..."'}, {'type': 'paragraph', 'content': 'Replace the deviceList value with an excessively long string to test for the buffer overflow condition.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
I don't know