Stack Overflow Vulnerability in Tenda AX12 Router
CVE-2025-29214

7.5HIGH

Key Information:

Vendor: Tenda
Status: AX12 Router
Vendor: CVE Published:; 20 March 2025

Summary

A stack overflow vulnerability has been identified in the Tenda AX12 router, specifically within the MAC filter configuration feature. The flaw resides in the function sub_42F69C located at /goform/setMacFilterCfg, which can be exploited by sending specially crafted requests. This could potentially allow an attacker to execute arbitrary code, leading to unauthorized access or control of the device, compromising the overall integrity and security of the router.

References

https://github.com/isstabber/my_VulnHub/blob/main/Tenda/A...

https://gist.github.com/isstabber/85fe01ed47ad7ef820f86bf...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Mar 11, 2025