CVE-2025-11528

CVE-2025-11528 is a stack-based buffer overflow vulnerability in Tenda AC7 routers running firmware version 15.03.06.44. The flaw affects an unknown function in the /goform/saveAutoQos file, triggered by manipulation of the "enable" argument. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability enables remote exploitation by attackers who possess low privileges, such as authenticated users with limited access to the device. By sending crafted requests to the vulnerable endpoint, an attacker can overflow the stack, potentially achieving high-impact compromise including unauthorized data access, modification, and denial of service, up to remote code execution.

Advisories from VulDB (ctiid.327666, id.327666, submit.669859) document the issue, while a proof-of-concept exploit is publicly available on GitHub at https://github.com/noahze01/IoT-vulnerable/blob/main/Tenda/AC7/saveAutoQos.md. The vendor's site at https://www.tenda.com.cn/ provides general product information, but no specific patch or mitigation details are referenced in the available sources.

The publicly available exploit increases the risk of real-world exploitation against unpatched Tenda AC7 devices exposed to the internet.