Stack Overflow Vulnerability in Tenda AC8 Router
CVE-2025-29118

6.5MEDIUM

Key Information:

Vendor: Tenda
Status: AC8 Router
Vendor: CVE Published:; 19 March 2025

Summary

The Tenda AC8 router, specifically version V16.03.34.06, is susceptible to a stack overflow vulnerability caused by improper handling of parameters in the sub_47D878 function. An attacker could potentially exploit this flaw through crafted requests, leading to denial of service or arbitrary code execution. Organizations using this model should assess their exposure and implement necessary security measures to protect their networks.

References

https://github.com/Raining-101/IOT_cve/blob/main/tenda-ac...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 19, 2025
Vulnerability Reserved
Mar 11, 2025