CVE-2025-5852
BaseFortify
Publication date: 2025-06-09
Last updated on: 2025-06-09
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac6_firmware | 15.03.05.16 |
| tenda | ac6 | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5852 is a critical buffer overflow vulnerability in the Tenda AC6 router firmware version 15.03.05.16. It occurs in the function formSetPPTPUserList within the file /goform/setPptpUserList. The vulnerability arises because the device improperly handles input data by copying an input buffer to an output buffer without verifying that the input size fits, leading to a buffer overflow. This flaw can be exploited remotely to cause unexpected behavior or execute arbitrary code on the device. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing remote attackers to exploit the buffer overflow to compromise the confidentiality, integrity, and availability of the affected Tenda AC6 router. Exploitation may lead to arbitrary code execution, device takeover, or denial of service, potentially disrupting network operations and exposing sensitive data. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for attempts to access or exploit the /goform/setPptpUserList endpoint, especially with unusual or oversized input in the 'list' parameter that could trigger a buffer overflow. Network intrusion detection systems (NIDS) can be configured to alert on HTTP POST requests to /goform/setPptpUserList with suspicious payload sizes or patterns. Specific commands depend on the tools used, but for example, using curl to test the endpoint with crafted input could help verify vulnerability presence: curl -X POST http://<router_ip>/goform/setPptpUserList -d "list=<oversized_payload>". Additionally, monitoring router logs for crashes or abnormal behavior after such requests can indicate exploitation attempts. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include discontinuing use of the affected Tenda AC6 router firmware version 15.03.05.16 and replacing the device with a secure alternative, as no known mitigations or patches currently exist. Restricting remote access to the router's management interface, especially blocking access to the /goform/setPptpUserList endpoint, can reduce exposure. Network-level protections such as firewalls or intrusion prevention systems should be configured to detect and block exploit attempts targeting this vulnerability. [2]