How to fix CVE-2025-5607?

Within 24 hours: Identify and inventory all Tenda AC18 devices running firmware 15.03.05.05; isolate affected devices from production networks if possible and restrict administrative access. Within 7 days: Contact Tenda for patch availability and timeline; implement network segmentation to limit device exposure; deploy WAF rules to block malicious PPTP requests if devices cannot be isolated. Within 30 days: Apply vendor patch immediately upon release; conduct network forensics to detect any compromise indicators; replace devices if no patch becomes available within 60 days.

Is Ac18 Firmware affected by CVE-2025-5607?

A critical remote buffer overflow vulnerability in Tenda AC18 routers (firmware 15.03.05.05) allows unauthenticated attackers to execute arbitrary code and potentially compromise network infrastructure.

CVE-2025-5607

EUVD-2025-16917 HIGH

2025-06-04 [email protected]

8.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 14, 2026 - 17:29 vuln.today

EUVD ID Assigned

Mar 14, 2026 - 17:29 euvd

EUVD-2025-16917

PoC Detected

Jun 17, 2025 - 20:40 vuln.today

Public exploit code

CVE Published

Jun 04, 2025 - 20:15 nvd

HIGH 8.8

Description

A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Analysis

Critical buffer overflow vulnerability in Tenda AC18 router firmware version 15.03.05.05, affecting the PPTP user list management function accessible via /goform/setPptpUserList. An authenticated attacker can exploit this remotely to achieve remote code execution with high impact on confidentiality, integrity, and availability. A public exploit proof-of-concept exists, increasing real-world exploitation risk.

Technical Context

The vulnerability exists in the formSetPPTPUserList function of Tenda AC18 wireless routers, specifically in the PPTP (Point-to-Point Tunneling Protocol) user management feature. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow where user-supplied input via the 'list' parameter is not properly validated before being written to a fixed-size buffer. PPTP is a legacy VPN protocol commonly used in embedded router firmware. The affected CPE would be: cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*. This administrative interface function is typically accessed through the router's web management portal, suggesting the vulnerability resides in the HTTP request handling layer of the router's web server.

Affected Products

- vendor: Tenda; product: AC18; affected_version: 15.03.05.05; cpe: cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*; component: PPTP user list management function (/goform/setPptpUserList); status: Vulnerable - no patch version identified in available data

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.2

CVSS: +44

POC: +20

CVE-2025-5607 vulnerability details – vuln.today

Back

CVE-2025-5607

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Priority Score

Share

CVE-2025-5607

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Priority Score

Share

External POC / Exploit Code