CVE-2025-5608 – Tenda AC18 Buffer Overflow Vulnerability

June 4, 2025

CVE ID : CVE-2025-5608

Published : June 4, 2025, 8:15 p.m. | 3 hours, 22 minutes ago

Description : A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formsetreboottimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument rebootTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48934 – Deno Deny Env Variable Information Disclosure

Next Article CVE-2025-5607 – “Tenda AC18 PPTP User List Buffer Overflow Vulnerability”

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2025-5608 – Tenda AC18 Buffer Overflow Vulnerability

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

BeyondTrust Tools RCE Vulnerability Let Attackers Execute Arbitrary Code

CVE-2020-36848 – BoldGrid WordPress Backup Plugin Sensitive Information Exposure

CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects

CVE-2025-7506 – Tenda FH451 HTTP POST Request Handler Stack-Based Buffer Overflow

CVE-2025-3917 – “Baidu Station SEO Plugin Arbitrary File Upload Vulnerability”

CVE-2025-5628 – SourceCodester Food Menu Manager Cross Site Scripting (XSS)

Bungie vaulting Destiny 2 content backfires with the latest Red War lawsuit court ruling

CVE-2025-4809 – Tenda AC7 Stack-Based Buffer Overflow Vulnerability

CVE-2025-5608 – Tenda AC18 Buffer Overflow Vulnerability

Related Posts