CVE-2025-11526
Published: 09 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-11526 is a stack-based buffer overflow vulnerability (CWE-119, CWE-121) affecting Tenda AC7 router firmware version 15.03.06.44. The flaw exists in an unknown function of the /goform/WifiMacFilterSet file, where manipulation of the wifi_chkHz argument triggers the overflow. Published on 2025-10-09, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
The vulnerability enables remote exploitation over the network by attackers possessing low privileges, with low attack complexity and no user interaction required. Successful exploitation can result in high confidentiality, integrity, and availability impacts, potentially allowing arbitrary code execution or denial of service on the affected device.
Advisories and related resources, including VulDB entries (e.g., https://vuldb.com/?id.327664) and a public proof-of-concept on GitHub (https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC7/WifiMacFilterSet.md), document the issue but do not specify patches or mitigations in the available details.
The exploit has been publicly disclosed and could be used in attacks targeting exposed Tenda AC7 routers.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack-based buffer overflow in the router's web interface (/goform/WifiMacFilterSet) via remote manipulation of wifi_chkHz enables exploitation of a public-facing application for remote code execution.