Submit #791819: Tenda AC7 AC7V1.0 V15.03.06.44 Buffer Overflowinfo

TitleTenda AC7 AC7V1.0 V15.03.06.44 Buffer Overflow
DescriptionThe Tenda AC7V1.0 V15.03.06.44 firmware has a stack overflow vulnerability in the addWifiMacFilter function. The device_mac variable receives the deviceMac parameter from a POST request. The value is directly used in a sprintf function and passes to a local variable on the stack, which can override the return address of the function. The user-provided deviceMac can trigger this security vulnerability.
Source⚠️ https://lavender-bicycle-a5a.notion.site/Tenda-AC7-addWifiMacFilter-33153a41781f80d18ec0ec62c5cfa1b1?source=copy_link
User
 wxhwxhwxh_mie (UID 66748)
Submission03/28/2026 09:05 (13 days ago)
Moderation04/09/2026 14:05 (12 days later)
StatusDuplicate
VulDB entry236325 [Tenda AC5/AC7/AC9/F1203/FH1205 addWifiMacFilter deviceId stack-based overflow]
Points0

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!