CVE-2025-25676
Published: 20 February 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-25676 is a buffer overflow vulnerability (CWE-120) affecting the Tenda i12 router running firmware version V1.0.0.10(3805). The issue resides in the formwrlSSIDset function, where the list parameter triggers the overflow. It received a CVSS v3.1 base score of 9.8, indicating critical severity due to its network accessibility, low attack complexity, lack of required privileges or user interaction, and high impacts on confidentiality, integrity, and availability.
A remote, unauthenticated attacker can exploit this vulnerability over the network by sending a specially crafted request targeting the vulnerable parameter. Successful exploitation could allow arbitrary code execution, potentially granting full control over the affected device, including data theft, modification of configurations, or use as a pivot for further network compromise.
Details on exploitation and potential mitigations are documented in the referenced advisory at https://github.com/jangfan/my-vuln/blob/main/Tenda/i12V1/wifiSSIDget.md. No official patches or vendor advisories were detailed in available information at the time of publication on 2025-02-20.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The remote unauthenticated buffer overflow in the router's public-facing web interface (formwrlSSIDset) directly enables exploitation via T1190 to achieve arbitrary code execution and full device control.