CVE-2025-13445

HighPublic PoC

Published: 20 November 2025

Published

20 November 2025

Modified

24 February 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0054 67.6th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

A flaw has been found in Tenda AC21 16.03.08.16. This affects an unknown part of the file /goform/SetIpMacBind. Executing a manipulation of the argument list can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has…

been published and may be used.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Requires validation of inputs to the /goform/SetIpMacBind endpoint to prevent stack-based buffer overflows from manipulated argument lists.

SI-16 Memory Protection good match

prevent

Implements memory protection mechanisms such as stack canaries or ASLR to mitigate stack-based buffer overflow exploits even if invalid inputs are processed.

SI-2 Flaw Remediation good match

prevent

Mandates timely remediation of the identified buffer overflow flaw in Tenda AC21 firmware version 16.03.08.16 to eliminate the vulnerability.

Security SummaryAI

CVE-2025-13445 is a stack-based buffer overflow vulnerability (CWE-119, CWE-121) affecting Tenda AC21 routers on firmware version 16.03.08.16. The issue lies in an unknown component of the /goform/SetIpMacBind file, where manipulation of the argument list triggers the overflow. Published on 2025-11-20, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity.

An authenticated remote attacker with low privileges can exploit this vulnerability over the network with minimal complexity and no user interaction required. Successful exploitation enables high-impact compromise of confidentiality, integrity, and availability, potentially leading to arbitrary code execution on the device. An exploit has been publicly disclosed and is available for use.

Advisories and details are available via VulDB entries (ctiid.333017, id.333017, submit.694066) and the vendor's site at tenda.com.cn. The full exploit PoC is hosted on GitHub at github.com/Madgeaaaaa/MY_VULN_2/blob/main/Tenda/VULN7.md. Practitioners should review these sources for patch availability and mitigation steps.

Details

CWE(s): CWE-119 CWE-121

Affected Products

tenda

ac21 firmware

16.03.08.16

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

T1210 Exploitation of Remote Services Lateral Movement

Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.

attack.mitre.org →

T1499.004 Application or System Exploitation Impact

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

attack.mitre.org →

Why these techniques?

Remote stack-based buffer overflow in router web interface (/goform/SetIpMacBind) enables exploitation of public-facing application (T1190), exploitation of remote services (T1210), and application exhaustion/DoS (T1499.004) via overflow; PoC available, potentially leading to RCE.

References

https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/Tenda/VULN7.md
Exploit, Third Party Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.333017
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.333017
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.694066
Third Party Advisory, VDB Entry · cna@vuldb.com
https://www.tenda.com.cn/
Product · cna@vuldb.com
https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/Tenda/VULN7.md
Exploit, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0