CVE-2025-5862
BaseFortify
Publication date: 2025-06-09
Last updated on: 2025-06-09
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ac7_firmware | 15.03.06.44 |
| tenda | ac7 | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda AC7 router running firmware version 15.03.06.44 with an alternative device, as no known countermeasures or mitigations currently exist. Additionally, restricting remote access to the vulnerable endpoint and monitoring for exploit attempts may help reduce risk until replacement is possible. [2]
Can you explain this vulnerability to me?
CVE-2025-5862 is a critical buffer overflow vulnerability in the Tenda AC7 router firmware version 15.03.06.44. It affects the function formSetPPTPUserList, specifically the 'list' parameter, where input data is improperly handled without verifying its size before copying it to an output buffer. This leads to a buffer overflow condition that can be exploited remotely without authentication, potentially allowing an attacker to execute arbitrary code or cause a denial of service on the device. [1, 2]
How can this vulnerability impact me? :
This vulnerability can severely impact you by allowing remote attackers to compromise the affected Tenda AC7 router. Exploiting the buffer overflow can lead to arbitrary code execution, which means attackers could take control of the device, or cause a denial of service, rendering the device unusable. This affects the confidentiality, integrity, and availability of the device and any network it supports. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring network traffic for requests to the endpoint /goform/setPptpUserList containing the 'list' parameter with unusually large or malformed input that could trigger the buffer overflow. Since the exploit is publicly disclosed and easy to exploit remotely without authentication, inspecting HTTP POST requests to this endpoint for suspicious payloads is recommended. Specific detection commands are not provided in the available resources. [1, 2]