CVE-2025-11326
Published: 06 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11326 is a stack-based buffer overflow vulnerability (CWE-119, CWE-121) affecting the Tenda AC18 router on firmware version 15.03.05.19(6318). The issue lies in the /goform/WifiMacFilterSet component, where manipulation of the wifi_chkHz argument triggers the overflow. Published on 2025-10-06, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability enables remote exploitation by an attacker with low privileges over the network, requiring low complexity and no user interaction. Successful attacks can result in high impacts to confidentiality, integrity, and availability, potentially leading to arbitrary code execution and full device compromise.
Advisories from VulDB (ctiid.327209, id.327209, submit.664530) document the flaw and note that a public exploit is available in a GitHub repository detailing the Tenda AC18 WifiMacFilterSet vulnerability. The vendor's site (tenda.com.cn) is referenced, but no specific patches or mitigation steps are outlined in the provided references.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack-based buffer overflow in the remotely accessible web endpoint /goform/WifiMacFilterSet allows exploitation of a public-facing application on the Tenda AC18 router.