
Ac18 Firmware CVE-2025-5609

EUVD-2025-16919, HIGH (CVSS 3.1: 8.8)
Buffer Overflow (CWE-119)
2025-06-04, cna@vuldb.com

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

EUVD ID Assigned: Mar 14, 2026 - 17:29 (euvd), EUVD-2025-16919
Analysis Generated: Mar 14, 2026 - 17:29 (vuln.today)
PoC Detected: Jun 17, 2025 - 20:41 (vuln.today), public exploit code
CVE Published: Jun 04, 2025 - 20:15 (nvd), HIGH 8.8

Description (NVD)

A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis (AI)

Critical buffer overflow vulnerability in Tenda AC18 router firmware version 15.03.05.05, exploitable via the /goform/AdvSetLanip endpoint's lanMask parameter. An authenticated remote attacker can trigger memory corruption leading to complete system compromise (confidentiality, integrity, availability). A public exploit proof-of-concept exists, and the vulnerability is likely being actively weaponized given disclosure status and CVSS 8.8 severity.

Technical Context (AI)

The vulnerability resides in the fromadvsetlanip function within the HTTP request handler /goform/AdvSetLanip of Tenda AC18 firmware (CPE: cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*). The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow flaw where user-supplied input in the lanMask parameter is copied into a fixed-size buffer without proper bounds checking. This is a common pattern in legacy embedded device firmware where the CGI handler fails to validate input length before stack or heap allocation. The vulnerability affects the LAN IP configuration subsystem, a privileged network function typically accessible only after authentication but critical in router security architecture.
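The missing check described above, sketched as an added example (not Tenda's code and not taken from the firmware): a handler-side helper that bounds and validates a lanMask value before it reaches a fixed-size buffer. The name copy_lan_mask and the 16-byte buffer size are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MASK_BUF_LEN 16  /* assumed size: "255.255.255.255" plus NUL */

/* Hypothetical helper: validate lanMask, then copy it into a fixed buffer.
 * Returns 0 on success, -1 if the value is missing, too long, or not a
 * contiguous IPv4 netmask. dst is an empty string on failure. */
int copy_lan_mask(char dst[MASK_BUF_LEN], const char *src)
{
    unsigned a, b, c, d;
    int used = 0;
    size_t len;
    uint32_t mask, inv;
    const char *end;

    dst[0] = '\0';
    if (src == NULL)
        return -1;

    /* Bound the length before any copy: the NUL must sit inside the cap. */
    end = memchr(src, '\0', MASK_BUF_LEN);
    if (end == NULL || end == src)
        return -1;
    len = (size_t)(end - src);

    /* Digits and dots only, so sscanf cannot accept signs or whitespace. */
    if (strspn(src, "0123456789.") != len)
        return -1;

    /* %3u caps each octet at three digits; %n proves the whole string parsed. */
    if (sscanf(src, "%3u.%3u.%3u.%3u%n", &a, &b, &c, &d, &used) != 4 ||
        (size_t)used != len || a > 255 || b > 255 || c > 255 || d > 255)
        return -1;

    /* A netmask is ones followed by zeros: ~mask + 1 must be a power of two. */
    mask = ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | d;
    inv = ~mask;
    if (mask == 0 || (inv & (inv + 1)) != 0)
        return -1;

    memcpy(dst, src, len + 1);  /* len + 1 <= MASK_BUF_LEN, checked above */
    return 0;
}
```

Rejecting on length first means an oversized value is never copied at all; the format check then keeps anything that is not a real netmask out of the LAN configuration.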

Remediation (AI)

Primary mitigation:
(1) Upgrade Tenda AC18 firmware to the latest available version released after this CVE disclosure. Verify patch release at Tenda's official support site (support.tenda.com.cn or regional equivalent).
(2) If a patch is unavailable, implement network segmentation: restrict access to the router web interface (port 80/443) to trusted administrative networks only, using firewall rules.
(3) Change default router credentials immediately and enforce strong unique passwords.
(4) Disable remote management features if not required.

Temporary workaround: disable HTTP/HTTPS management interface access from untrusted networks.

Note: Given the embedded nature of the device, firmware patching may require manual upload via the web interface. Back up the configuration before attempting the patch.
