Skip to main content
CVE-2025-51087 HIGH POC This Week

Stack-based buffer overflow in the Tenda AC8V4 router (firmware V16.03.34.06) lets remote attackers corrupt memory by supplying an oversized 'time' parameter to the /goform/saveParentControlInfo web endpoint. Per the published CVSS vector the flaw is network-reachable with no authentication (PR:N) and low complexity, and publicly available exploit code exists (no public exploit identified as actively exploited in CISA KEV). The EPSS score of 8.43% (94th percentile) marks it as elevated exploitation likelihood relative to the CVE population.

Buffer Overflow Tenda Stack Overflow Ac8 Firmware
NVD GitHub
CVSS 3.1
8.6
EPSS
8.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy