Cyber Posture

CVE-2025-29029

Critical · Public PoC

Published: 14 March 2025

Modified: 18 March 2025
KEV Added
Patch
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0014 (33.3rd percentile)
Risk Priority: 20 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Description

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Security Summary

CVE-2025-29029 is a buffer overflow vulnerability (CWE-787) affecting Tenda AC6 routers running firmware v15.03.05.16. The flaw resides in the formSetSpeedWan function, which can be driven to perform an out-of-bounds write. Published on 2025-03-14, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), placing it at critical severity.

An unauthenticated remote attacker with network access to the device can exploit this vulnerability with low attack complexity and no user interaction required. Exploitation enables high-impact consequences across confidentiality, integrity, and availability, potentially allowing arbitrary code execution on the router.

Mitigation details are available in the referenced advisory at https://github.com/WhereisDoujo/CVE/issues/2.

Details

CWE(s)
CWE-787

Affected Products

tenda ac6 firmware 15.03.05.16

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
  Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation (Impact)
  Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Buffer overflow in the router's public-facing web interface (formSetSpeedWan) enables exploitation for initial access (T1190) and denial of service via application exploitation leading to crash (T1499.004).

References