CVE-2025-5629
BaseFortify
Publication date: 2025-06-05
Last updated on: 2025-06-06
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac10_firmware | to 15.03.06.47 (inc) |
| tenda | ac10 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5629 is a critical buffer overflow vulnerability in the Tenda AC10 router firmware up to version 15.03.06.47. It exists in the HTTP handler component, specifically in the formSetPPTPServer function that processes HTTP requests at the /goform/SetPptpServerCfg endpoint. The vulnerability occurs because the startIp and endIp parameters are copied into a buffer without proper size checks, leading to a stack-based buffer overflow. This can be triggered remotely by sending a specially crafted HTTP request, potentially causing a denial-of-service or further exploitation. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by compromising the confidentiality, integrity, and availability of the affected Tenda AC10 router. Exploiting the buffer overflow can cause a denial-of-service condition, making the device unavailable. Additionally, it may allow attackers to execute further exploits remotely, potentially gaining unauthorized control or disrupting network operations. There are currently no known patches, so the recommended mitigation is to replace the affected product. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP requests to the endpoint /goform/SetPptpServerCfg for suspicious or unusually large startIp or endIp parameters that may trigger a buffer overflow. Since the exploit involves sending a specially crafted HTTP request with malicious startIp/endIp parameters, network intrusion detection systems (NIDS) can be configured to alert on such requests. Specific commands to detect this might include using tools like curl or wget to test the endpoint with crafted parameters, or using network monitoring tools like tcpdump or Wireshark to capture and analyze HTTP traffic targeting /goform/SetPptpServerCfg. For example, a curl command to test might be: curl -X POST http://<router-ip>/goform/SetPptpServerCfg -d "startIp=<very long string>&endIp=<very long string>". However, no specific detection commands are provided in the resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda AC10 router firmware versions up to 15.03.06.47 with a non-vulnerable version or a different product, as no patches or countermeasures are currently available. Additionally, restricting or blocking HTTP access to the /goform/SetPptpServerCfg endpoint from untrusted networks can reduce exposure. Monitoring network traffic for exploit attempts and disabling PPTP server functionality if not needed may also help mitigate risk. [2]