CVE-2025-5608
BaseFortify
Publication date: 2025-06-04
Last updated on: 2025-06-17
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac18 | * |
| tenda | ac18_firmware | 15.03.05.05 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5608 is a critical buffer overflow vulnerability in the Tenda AC18 router firmware version 15.03.05.05. It occurs in the function formsetreboottimer within the file /goform/SetSysAutoRebbotCfg, specifically due to improper handling of the rebootTime parameter. An attacker can send a specially crafted input that overflows the buffer, potentially allowing arbitrary code execution or causing a denial of service. This vulnerability can be exploited remotely and has publicly available proof-of-concept exploits. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of the affected Tenda AC18 router. An attacker exploiting this buffer overflow can execute arbitrary code remotely, potentially taking control of the device, disrupting its operation (denial of service), or using it as a foothold for further attacks within your network. Since no known mitigations or fixes currently exist, the risk remains high. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves checking if the Tenda AC18 router is running firmware version 15.03.05.05 and monitoring for suspicious requests to the /goform/SetSysAutoRebbotCfg endpoint, especially those manipulating the rebootTime parameter. Network intrusion detection systems (NIDS) can be configured to alert on unusual or malformed HTTP POST requests targeting this endpoint. Specific commands are not provided in the resources, but general approaches include using tools like curl or wget to test the endpoint, or employing network traffic analysis tools to detect exploit attempts. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda AC18 router running firmware version 15.03.05.05 with an alternative device, as no known fixes or countermeasures currently exist. Additionally, restricting remote access to the router's management interface and monitoring for exploit attempts can help reduce risk until replacement is possible. [2]