CVE-2025-1853
Published: 03 March 2025
Description
A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Security Summary
CVE-2025-1853, published on 2025-03-03, is a critical stack-based buffer overflow vulnerability (CVSS 8.8; CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting Tenda AC8 router firmware version 16.03.34.06. The flaw resides in the sub_49E098 function within the /goform/SetIpMacBind file of the Parameter Handler component, triggered by manipulation of the argument list. It is associated with CWEs-119, CWE-121, and CWE-787.
An attacker with low privileges can exploit this vulnerability remotely over the network with low attack complexity and no user interaction required. Successful exploitation enables high-impact consequences, including unauthorized access to sensitive data (C:H), modification of system resources (I:H), and disruption of services (A:H), such as potential remote code execution or device crashes via the buffer overflow.
Advisories and details are documented in references including a GitHub proof-of-concept at https://github.com/Raining-101/IOT_cve/blob/main/tenda-ac8_sub_49E098.md, VULDB entries at https://vuldb.com/?ctiid.298121, https://vuldb.com/?id.298121, and https://vuldb.com/?submit.505374, and the vendor site at https://www.tenda.com.cn/. The exploit has been publicly disclosed and may be used, but no specific patches or mitigations are detailed in the available information.
Exploitation is feasible given the public disclosure of the exploit, posing elevated risk to exposed Tenda AC8 devices running the affected firmware version.
Details
- CWE(s)