Stack Overflow Vulnerability in Tenda AC8 Router
CVE-2025-51088

5.3MEDIUM

Key Information:

Vendor: Tenda
Status: Tenda AC8
Vendor: CVE Published:; 24 July 2025

What is CVE-2025-51088?

The Tenda AC8 router version V4 V16.03.34.06 is susceptible to a stack overflow vulnerability in the /goform/WifiGuestSet endpoint. An attacker can exploit this vulnerability by manipulating the 'shareSpeed' argument, potentially leading to a stack-based buffer overflow. Such exploits can compromise the device's stability and may allow unauthorized access or denial of service. It is critical for users to review firmware updates and implement best security practices to mitigate risks associated with this vulnerability.

References

http://tenda.com

https://github.com/TL-SN/IOT/blob/main/Tenda/Tenda-AC8v4%...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 24, 2025
Vulnerability Reserved
Jun 16, 2025