CRITICALπŸ‡΅πŸ‡± Wersja polska

CVE-2025-25664

CVSS 9.8v3.1pub. 2025-02-20upd. 2025-03-17

Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function.

πŸ€– AI Analysis
How it works

The vulnerability occurs in the sub_49E098 function, which improperly handles the shareSpeed parameter β€” it does not verify the length of supplied input data before copying it to the stack (CWE-120, CWE-787). An attacker can send a specially crafted network request with an excessively long shareSpeed parameter value, causing a buffer overflow on the stack. As a result, it is possible to overwrite the function's return address and hijack control of the program's execution flow.

Impact

An unauthenticated remote attacker can gain full control over the device, which in practice means the ability to execute arbitrary code (RCE) with the privileges of the process handling the request, thereby compromising the router, modifying network configuration, or using the device as an entry point to the internal network.

Mitigation & patch

Security patches available from the manufacturer should be applied in accordance with the references. Until an update is applied, it is recommended to restrict access to the router's management interface only to trusted hosts, block access from the WAN network, and monitor network traffic directed to the device.

Who is affected

Tenda AC8V4 with firmware version V16.03.34.06

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Tenda Ac8

    HW
    Tenda
    4.0
  • Tenda Ac8 Firmware

    OS
    Tenda
    16.03.34.06
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-29100CRITICAL9.8PL βœ“ten sam produkt

Buffer Overflow w Tenda AC8 β€” funkcja fromSetRouteStatic

CVE-2025-25668CRITICAL9.8PL βœ“ten sam produkt

Tenda AC8V4 β€” stack overflow w parametrze shareSpeed (RCE)

CVE-2025-25667CRITICAL9.8PL βœ“ten sam produkt

Buffer overflow w Tenda AC8V4 β€” stack overflow w funkcji get_parentControl_list_Info

CVE-2025-25663CRITICAL9.8PL βœ“ten sam produkt

Tenda AC8V4 β€” stack-based buffer overflow w funkcji WifiExtraSet

CVE-2024-57703CRITICAL9.8PL βœ“ten sam produkt

Tenda AC8v4 β€” stack overflow w funkcji setSchedWifi (schedEndTime)

CVE-2025-25664 β€” Tenda β€” Ac8 β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl