CVE-2025-29384

CVE-2025-29384 is a stack overflow vulnerability (CWE-787) affecting the Tenda AC9 v1.0 router on firmware version V15.03.05.14_multi. The issue resides in the wanMTU parameter handled by the /goform/AdvSetMacMtuWan web endpoint, which can be triggered to overflow the stack and enable remote arbitrary code execution. Published on 2025-03-14, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), marking it as critical.

An unauthenticated remote attacker can exploit this vulnerability over the network with low complexity and no user interaction. By submitting a specially crafted request to the vulnerable endpoint, the attacker triggers the stack overflow, allowing arbitrary code execution on the router's stack, which could compromise the device's full control, including network traffic manipulation or use as a pivot point.

The primary reference detailing the vulnerability is a GitHub document at https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/AdvSetMacMtuWan1.md, which likely includes exploit specifics. No vendor advisories or patches are mentioned in the available information.