What is the CVSS score of CVE-2025-5607?

CVE-2025-5607 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.2%.

Which versions of Ac18 Firmware are affected by CVE-2025-5607?

A critical remote buffer overflow vulnerability in Tenda AC18 routers (firmware 15.03.05.05) allows unauthenticated attackers to execute arbitrary code and potentially compromise network…

Is there a public PoC exploit available for CVE-2025-5607?

Yes, a public proof-of-concept exploit is available for CVE-2025-5607. Prioritise patching immediately. EPSS: 0.2%.

How to fix or mitigate CVE-2025-5607?

Within 24 hours: Identify and inventory all Tenda AC18 devices running firmware 15.03.05.05; isolate affected devices from production networks if possible and restrict administrative access. Within 7 days: Contact Tenda for patch availability and timeline; implement network segmentation to limit device exposure; deploy WAF rules to block malicious PPTP requests if devices cannot be isolated. Within 30 days: Apply vendor patch immediately upon release; conduct network forensics to detect any compromise indicators; replace devices if no patch becomes available within 60 days.

Ac18 Firmware CVE-2025-5607

EUVD-2025-16917 HIGH

Buffer Overflow (CWE-119)

2025-06-04 cna@vuldb.com

Buffer Overflow Tenda Ac18 Firmware

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 17:29 euvd

EUVD-2025-16917

Analysis Generated

Mar 14, 2026 - 17:29 vuln.today

PoC Detected

Jun 17, 2025 - 20:40 vuln.today

Public exploit code

CVE Published

Jun 04, 2025 - 20:15 nvd

HIGH 8.8

DescriptionNVD

A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Critical buffer overflow vulnerability in Tenda AC18 router firmware version 15.03.05.05, affecting the PPTP user list management function accessible via /goform/setPptpUserList. An authenticated attacker can exploit this remotely to achieve remote code execution with high impact on confidentiality, integrity, and availability. A public exploit proof-of-concept exists, increasing real-world exploitation risk.

Technical ContextAI

The vulnerability exists in the formSetPPTPUserList function of Tenda AC18 wireless routers, specifically in the PPTP (Point-to-Point Tunneling Protocol) user management feature. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow where user-supplied input via the 'list' parameter is not properly validated before being written to a fixed-size buffer. PPTP is a legacy VPN protocol commonly used in embedded router firmware. The affected CPE would be: cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*. This administrative interface function is typically accessed through the router's web management portal, suggesting the vulnerability resides in the HTTP request handling layer of the router's web server.

CVE-2025-5607 vulnerability details – vuln.today

Back

Ac18 Firmware CVE-2025-5607

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Share

External POC / Exploit Code