Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
AnalysisAI
Critical remote buffer overflow vulnerability in Tenda AC7 router firmware version 15.03.06.44, affecting the LAN IP configuration function. An authenticated attacker can exploit improper input validation in the 'lanMask' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit code is available and the vulnerability meets criteria for active exploitation.
Technical ContextAI
The vulnerability exists in the fromadvsetlanip function within the /goform/AdvSetLanip endpoint of Tenda AC7 routers. This is a classic CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) buffer overflow affecting network device firmware. The affected component handles LAN mask configuration, a critical network parameter in residential/small business routing devices. Tenda AC7 is a budget-class AC1200 dual-band Wi-Fi router commonly deployed in home and SOHO environments. The lanMask parameter fails to implement adequate bounds checking before copying user-supplied input to a fixed-size buffer, allowing overflow of adjacent memory structures. This type of vulnerability is particularly dangerous in embedded device firmware where memory protections (DEP/ASLR) are often minimal or absent.
RemediationAI
Primary: Upgrade to the latest available Tenda AC7 firmware version beyond 15.03.06.44. Check Tenda's official support site (support.tenda.com.cn or regional equivalent) for firmware release notes confirming CVE-2025-5861 fix. Secondary mitigations if patching is delayed: (1) Restrict management access to LAN IP configuration endpoints via firewall rules at network perimeter; (2) Disable remote management features if not required (disable WAN-side access to /goform endpoints); (3) Change default admin credentials immediately; (4) Segment router management traffic to isolated administrative VLANs; (5) Monitor for suspicious configuration changes via router logs. Critical: Do NOT delay patching for extended periods, as buffer overflow exploits in router firmware often lead to complete device compromise and potential botnet enrollment.
More in Ac7 Firmware
View allTenda AC7 V1.0 V15.03.06.44 found a buffer overflow caused by the timeZone parameter in the form_fast_setting_wifi_set f
Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle fun
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 were discovered
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to co
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter timeZone at url /goform/SetSysTimeC
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to contain a stack overflow via parameter
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42_multi, and Tenda AC5 V1.0RTL_V15.03.06.28 were discovered to co
Tenda AC7 V1.0 V15.03.06.44 was discovered to contain a stack overflow via parameter security_5g at url /goform/WifiBasi
Tenda AC7 V1.0 V15.03.06.44 and Tenda AC9 V3.0 V15.03.06.42_multi were discovered to contain a stack overflow via parame
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC
Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28,
Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-17427