Cyber Posture

CVE-2025-25664

CriticalPublic PoC

Published: 20 February 2025

Published
20 February 2025
Modified
17 March 2025
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0009 25.7th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Security Summary

CVE-2025-25664, published on 2025-02-20, is a stack overflow vulnerability affecting the Tenda AC8V4 router firmware version V16.03.34.06. The flaw occurs via the shareSpeed parameter in the sub_49E098 function and is classified under CWE-787 (Out-of-bounds Write) and CWE-120 (Buffer Copy without Checking Size of Input). It carries a CVSS v3.1 base score of 9.8 (Critical), indicating severe risk.

The vulnerability enables exploitation over the network (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N), no user interaction (UI:N), and unchanged impact scope (S:U). Remote, unauthenticated attackers can trigger the stack overflow to achieve high confidentiality (C:H), integrity (I:H), and availability (A:H) impacts, likely resulting in arbitrary code execution or device compromise.

Mitigation details are available in the referenced advisory at https://github.com/jangfan/my-vuln/blob/main/Tenda/AC8V4/SetIpMacBind.md. No specific patches or vendor guidance are detailed in the provided CVE information.

Details

CWE(s)
CWE-787CWE-120

Affected Products

tenda
ac8 firmware
16.03.34.06

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

Stack overflow in router web interface via shareSpeed parameter enables remote code execution, mapped to exploitation of public-facing application.

References