CVE-2018-18706

EPSS 0.50% · P66 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-18706

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromDhcpListClient" for a request, it is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Tenda产品httpd 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Tenda AC7等都是中国腾达（Tenda）公司的无线路由器产品。httpd是其中的一个HTTP服务器组件。多款Tenda产品中的httpd存在缓冲区溢出漏洞。攻击者可利用该漏洞造成拒绝服务（覆盖函数的返回地址）。以下产品和版本受到影响：Tenda AC7 V15.03.06.44_CN版本；AC9 V15.03.05.19(6318)_CN版本；AC10 V15.03.06.23_CN版本；AC15 V15.03.05.19_CN版本；AC18 V15.03.05.19(6318)_CN版本。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-18706

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-18706

请登录查看更多情报信息。

Same Patch Batch · n/a · 2018-10-27 · 15 CVEs total

CVE-2018-18707		多款Tenda产品httpd 缓冲区错误漏洞
CVE-2018-18708		多款Tenda产品httpd 缓冲区错误漏洞
CVE-2018-18709		多款Tenda产品httpd 缓冲区错误漏洞
CVE-2018-18710		Linux kernel 信息泄露漏洞
CVE-2018-18711		WUZHI CMS 跨站请求伪造漏洞
CVE-2018-18712		WUZHI CMS 跨站请求伪造漏洞
CVE-2018-18713		PHPYun 路径遍历漏洞
CVE-2018-18702		iCMS SQL注入漏洞
CVE-2018-18703		PhpTpoint Mailing Server Using File Handling 安全漏洞
CVE-2018-18704		PhpTpoint Pharmacy Management System SQL注入漏洞
CVE-2018-18705		PhpTpoint Hospital Management System SQL注入漏洞
CVE-2018-18699		GoPro gpmf-parser 缓冲区错误漏洞
CVE-2018-18700		GNU Binutils 安全漏洞
CVE-2018-18701		GNU Binutils 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-18706

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-18706

I. Basic Information for CVE-2018-18706

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-18706

III. Intelligence Information for CVE-2018-18706

Same Patch Batch · n/a · 2018-10-27 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-18706

Leave a comment