Stack-Based Buffer Overflow Affecting Tenda AC7 Router
CVE-2025-1851
What is CVE-2025-1851?
CVE-2025-1851 is a critical vulnerability affecting the Tenda AC7 router, a device commonly used in home and small office networking environments. This vulnerability arises from a stack-based buffer overflow in the firewall configuration functionality of the router, specifically through the formSetFirewallCfg method. If exploited, it allows remote attackers to manipulate certain arguments, potentially leading to unauthorized access or control over the device. This can jeopardize the security of an organization’s network, exposing sensitive information and making it vulnerable to further attacks.
Technical Details
The vulnerability is characterized by a stack-based buffer overflow that occurs in the function formSetFirewallCfg found within the /goform/SetFirewallCfg file of the Tenda AC7 router firmware versions up to 15.03.06.44. The flaw allows attackers to send crafted requests to the device, manipulating the firewallEn argument to exceed buffer limits, which can ultimately enable the execution of arbitrary code. This type of vulnerability can be particularly dangerous as it can be triggered remotely without physical access to the device.
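The following is an added illustration, not Tenda's firmware code (which this page does not show): a handler that length-checks the firewallEn argument before copying it into a fixed-size buffer. The function names, the form-body parsing and the 8-byte FW_EN_MAX are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>

/* Assumed size for illustration; the page does not state the real buffer size. */
#define FW_EN_MAX 8

/* Locate `key=` at the start of a pair in a form-encoded body. Returns a
 * pointer to the value and its length through *len, or NULL if absent. */
static const char *form_value(const char *body, const char *key, size_t *len)
{
    size_t klen = strlen(key);
    const char *p = body;

    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == '=') {
            const char *v = p + klen + 1;
            *len = strcspn(v, "&");   /* value ends at '&' or end of body */
            return v;
        }
        p = strchr(p, '&');
        if (p)
            p++;                      /* step past '&' to the next pair */
    }
    return NULL;
}

/* Hypothetical hardened handler: returns 0 on success, -1 when firewallEn is
 * missing, -2 when the value would not fit in dst. It stands in for the
 * unchecked copy into a fixed stack buffer that defines this bug class. */
int set_firewall_cfg(const char *body, char *dst, size_t dst_size)
{
    size_t len;
    const char *v = form_value(body, "firewallEn", &len);

    if (v == NULL)
        return -1;
    if (len >= dst_size)              /* keep room for the terminating NUL */
        return -2;
    memcpy(dst, v, len);
    dst[len] = '\0';
    return 0;
}
```

Rejecting the request when the value is too long, rather than truncating it, keeps an oversized argument from being silently accepted as a valid setting.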
Potential Impact of CVE-2025-1851
- Remote Code Execution: The primary concern surrounding this vulnerability is the potential for remote code execution, where an attacker can execute arbitrary commands on the affected device. This opens the door for further exploitation, such as installing malware or creating backdoors.
- Network Compromise: Due to the router's role in managing network traffic, successful exploitation can lead to a compromise of the entire network. This could allow attackers to monitor, intercept, or manipulate data being transmitted across the network, leading to significant data breaches.
- Increased Risk of Malware Deployment: With the ability to exploit the router, attackers can deploy ransomware or other malicious software, disrupting organizational operations and potentially leading to financial losses and reputational damage. The implications extend beyond immediate data loss, affecting customer trust and compliance with regulatory standards.
Affected Version(s)
AC7 15.03.06.0
AC7 15.03.06.1
AC7 15.03.06.2
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
Timeline
- 🟡 Public PoC available
- 👾 Exploit known to exist
- Vulnerability published
- Vulnerability Reserved