CRITICAL🇵🇱 Wersja polska

CVE-2025-25663

CVSS 9.8v3.1pub. 2025-02-20upd. 2025-03-17

A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow.

🤖 AI Analysis
How it works

The vulnerability exists in the SUB_0046AC38 function handling the /goform/WifiExtraSet endpoint. Sending a properly crafted value of the wpapsk_crypto argument causes a stack-based buffer overflow, which results from the lack of proper validation of input data length (CWE-120, CWE-787). Stack overwrite allows the attacker to take control of the program execution flow.

Impact

A remote unauthenticated attacker can gain full control over the device, including the ability to execute arbitrary code (RCE) with the privileges of the process handling network requests.

Mitigation & patch

Apply patches available from the manufacturer according to the references. As a temporary measure, it is recommended to restrict access to the device's administrative interface only to trusted hosts on the local network and block access to the /goform/WifiExtraSet endpoint from the WAN.

Who is affected

Tenda AC8V4 with firmware version V16.03.34.06

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Tenda Ac8

    HW
    Tenda
    4.0
  • Tenda Ac8 Firmware

    OS
    Tenda
    16.03.34.06
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2025-29100CRITICAL9.8PL ✓ten sam produkt

Buffer Overflow w Tenda AC8 — funkcja fromSetRouteStatic

CVE-2025-25668CRITICAL9.8PL ✓ten sam produkt

Tenda AC8V4 — stack overflow w parametrze shareSpeed (RCE)

CVE-2025-25667CRITICAL9.8PL ✓ten sam produkt

Buffer overflow w Tenda AC8V4 — stack overflow w funkcji get_parentControl_list_Info

CVE-2025-25664CRITICAL9.8PL ✓ten sam produkt

Tenda AC8V4 — stack overflow przez parametr shareSpeed (RCE)

CVE-2024-57703CRITICAL9.8PL ✓ten sam produkt

Tenda AC8v4 — stack overflow w funkcji setSchedWifi (schedEndTime)