CVE-2025-14656

HighPublic PoC

Published: 14 December 2025

Published

14 December 2025

Modified

24 February 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0014 33.2th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing a manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed from remote. The exploit has…

been made available to the public and could be used for attacks.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Validates inputs like schedStartTime and schedEndTime parameters to prevent buffer overflow exploitation in the httpd function.

SI-16 Memory Protection good match

prevent

Implements memory protection mechanisms such as stack canaries, ASLR, and DEP to mitigate buffer overflow attacks leading to code execution.

SI-2 Flaw Remediation good match

prevent

Requires timely identification, reporting, and remediation of the specific buffer overflow flaw in Tenda AC20 firmware version 16.03.08.12.

Security SummaryAI

CVE-2025-14656 is a buffer overflow vulnerability (CWE-119, CWE-120) affecting Tenda AC20 router firmware version 16.03.08.12. The flaw exists in the httpd function of the /goform/openSchedWifi file, where manipulation of the schedStartTime and schedEndTime arguments triggers the overflow. Published on 2025-12-14, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity.

The vulnerability enables remote exploitation over the network with low attack complexity, requiring only low privileges such as an authenticated user account. No user interaction is needed, and successful attacks can achieve high impacts on confidentiality, integrity, and availability, potentially leading to arbitrary code execution or full device compromise.

VulDB advisories (ctiid.336389, id.336389, submit.712917) document the issue, while a proof-of-concept exploit is publicly available on GitHub (https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/Tenda/VULN14/AC20_openSchedWifi.md). The Tenda website (https://www.tenda.com.cn/) is referenced, but no specific patches or mitigations are detailed in the provided information. The public exploit availability increases the risk of real-world attacks.

Details

CWE(s): CWE-119 CWE-120

Affected Products

tenda

ac20 firmware

16.03.08.12

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The buffer overflow vulnerability in the Tenda AC20 router's public-facing web interface (/goform/openSchedWifi) via HTTP manipulation of schedStartTime/schedEndTime parameters enables remote exploitation of a public-facing application, potentially leading to RCE or DoS.

References

https://github.com/Madgeaaaaa/MY_VULN_2/blob/main/Tenda/VULN14/AC20_openSchedWifi.md
Exploit, Third Party Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.336389
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.336389
Third Party Advisory, VDB Entry · cna@vuldb.com
https://vuldb.com/?submit.712917
Third Party Advisory, VDB Entry · cna@vuldb.com
https://www.tenda.com.cn/
Product · cna@vuldb.com