CVE-2025-7597
BaseFortify
Publication date: 2025-07-14
Last updated on: 2025-07-15
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | ax1803_firmware | 1.0.0.1 |
| tenda | ax1803 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda AX1803 router, as no known mitigations or countermeasures exist. Avoid exposing the device to untrusted networks and restrict access to the /goform/setMacFilterCfg endpoint if possible. [1]
Can you explain this vulnerability to me?
CVE-2025-7597 is a critical stack-based buffer overflow vulnerability in the Tenda AX1803 router (version 1.0.0.1). It occurs in the function formSetMacFilterCfg within the file /goform/setMacFilterCfg, where improper handling of the deviceList argument allows an attacker to send crafted input that overflows a buffer on the stack. This overflow can compromise the device's confidentiality, integrity, and availability. The vulnerability can be exploited remotely without local access, and a public exploit is available. [1]
How can this vulnerability impact me? :
This vulnerability can allow a remote attacker to execute a stack-based buffer overflow on the affected router, potentially leading to unauthorized control over the device, disruption of network services, and compromise of sensitive data. Because it affects confidentiality, integrity, and availability, it can result in device takeover, denial of service, or data breaches. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no specific detection commands or network indicators provided for this vulnerability. Detection would likely require monitoring for suspicious requests to the /goform/setMacFilterCfg endpoint with crafted deviceList parameters, but no explicit commands or signatures are available. [1]