CVE-2025-50402
Published: 26 November 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-50402 is a buffer overflow vulnerability (CWE-120) affecting the FAST FAC1200R router running firmware F400_FAC1200R_Q. The issue resides in the function identified in the disassembly as sub_80435780, which can be triggered by a specially crafted value in the fac_password parameter. Published on 2025-11-26 with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), it represents a critical remote code execution risk in this IoT device firmware.
An unauthenticated attacker with network access to the affected interface can exploit this vulnerability by sending an over-long fac_password value to the handler, which copies it into a fixed-size buffer without checking its length. Successful exploitation allows arbitrary code execution with high impact on confidentiality, integrity, and availability, up to full device compromise: a router takeover that can then be used for further network pivoting or data exfiltration.
References point to a GitHub repository (https://github.com/sezangel/IOT-vul/tree/main/FAST/FAC1200R/2) containing vulnerability details or proof-of-concept code for the FAST FAC1200R, but no official advisory, patch, or fixed firmware version is detailed in the available information. Until the vendor ships a fix, keep the device's management interface off the Internet and restricted to trusted LAN hosts, treat any request carrying an unusually long fac_password value as hostile, and monitor for firmware updates from the vendor.
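To make the bug class concrete, here is an added example that is not code from the FAC1200R firmware, from the referenced repository, or from sub_80435780 itself. It reconstructs the CWE-120 shape the summary describes in a hypothetical form-parameter handler: the fac_password value is copied into a fixed 32-byte stack buffer with no length check, and a bounded replacement refuses over-long values instead of copying them. The 32-byte buffer size, the function names, the request layout (a form-encoded body carrying fac_user and fac_password), and the sample bodies are all assumptions constructed for the example.

```c
/* Added example, not the FAC1200R firmware's code. Buffer size, function
 * names and request layout are assumptions made for illustration. */
#include <stdio.h>
#include <string.h>

#define FAC_PASSWORD_MAX 32   /* assumed size of the fixed stack buffer */

/* Locate "fac_password=" in a form-encoded body (at the start or right
 * after an '&') and return a pointer to its value plus the value's length,
 * which runs to the next '&' or the end of the body. Nothing is copied.
 * Returns 1 if the parameter is present, 0 if it is absent. */
int find_fac_password(const char *body, const char **val, size_t *len)
{
    const char *key = "fac_password=";
    size_t klen = strlen(key);
    const char *p = body;

    while ((p = strstr(p, key)) != NULL) {
        if (p == body || p[-1] == '&') {
            const char *start = p + klen;
            const char *end = strchr(start, '&');
            *val = start;
            *len = end ? (size_t)(end - start) : strlen(start);
            return 1;
        }
        p += klen;   /* e.g. "xfac_password=" is not the parameter */
    }
    return 0;
}

/* VULNERABLE shape (CWE-120), kept only for contrast: the attacker-chosen
 * length drives the copy into a 32-byte stack buffer, so a value of 32
 * bytes or more runs past buf into whatever the compiler placed above it
 * (saved registers, return address). Never call this with untrusted input. */
void handle_fac_password_vulnerable(const char *val, size_t len)
{
    char buf[FAC_PASSWORD_MAX];
    memcpy(buf, val, len);       /* no check that len < sizeof buf */
    buf[len] = '\0';             /* also out of bounds once len >= 32 */
    printf("vulnerable handler copied %zu bytes\n", len);
}

/* Hardened replacement: copies only when the value and its terminator fit,
 * otherwise refuses and leaves the caller's buffer untouched.
 * Returns 0 on success, -1 when the value is too long. */
int handle_fac_password_hardened(const char *val, size_t len,
                                 char *out, size_t out_size)
{
    if (out_size == 0 || len >= out_size)
        return -1;
    memcpy(out, val, len);
    out[len] = '\0';
    return 0;
}

/* Run one request body through the hardened path.
 * Returns 0 if fac_password was accepted, -1 if it is absent, and -2 if it
 * does not fit the 32-byte buffer (the crafted-input case). */
int process_login_body(const char *body)
{
    const char *val = NULL;
    size_t len = 0;
    char pw[FAC_PASSWORD_MAX];

    if (!find_fac_password(body, &val, &len))
        return -1;
    if (handle_fac_password_hardened(val, len, pw, sizeof pw) != 0)
        return -2;
    /* ... the firmware would compare pw against the stored credential ... */
    return 0;
}

/* Build a constructed request body whose fac_password is pw_len 'A' bytes
 * and feed it to process_login_body, so the over-long case can be checked
 * without ever executing the vulnerable copy. */
int run_crafted_body(size_t pw_len)
{
    char body[512];
    int n = snprintf(body, sizeof body, "fac_user=admin&fac_password=");
    size_t room = sizeof body - (size_t)n - 1;

    if (pw_len > room)
        pw_len = room;
    memset(body + n, 'A', pw_len);
    body[n + pw_len] = '\0';
    return process_login_body(body);
}

int main(void)
{
    /* Constructed sample inputs, not captured traffic. */
    printf("8-byte value:   %d (0 = accepted)\n", run_crafted_body(8));
    printf("200-byte value: %d (-2 = rejected)\n", run_crafted_body(200));
    handle_fac_password_vulnerable("secret", 6);   /* safe length only */
    return 0;
}
```

The same length check doubles as a detection rule for a proxy or IDS in front of the device: a fac_password value of 32 bytes or more (or, more conservatively, anything far longer than a plausible password) in a request to the router is the signature of this attack.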
Details
- CWE(s): CWE-120 (Buffer Copy without Checking Size of Input, 'Classic Buffer Overflow')
Affected Products
- FAST FAC1200R (firmware F400_FAC1200R_Q)
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
Why these techniques?
The vulnerability is a critical unauthenticated buffer overflow in router firmware, triggered over the network by a single crafted request parameter, so it maps directly to initial access through exploitation of a public-facing application: no credentials, user interaction, or prior foothold are required.