CVE-2025-7544

| EUVD-2025-21279 HIGH
2025-07-13 [email protected]
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 16, 2026 - 09:18 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 09:18 euvd
EUVD-2025-21279
PoC Detected
Jul 16, 2025 - 14:36 vuln.today
Public exploit code
CVE Published
Jul 13, 2025 - 22:15 nvd
HIGH 8.8

Tags

Buffer Overflow Ac1206 Firmware Tenda

Description

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been rated as critical. This issue affects the function formSetMacFilterCfg of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-7544 is a critical stack-based buffer overflow vulnerability in Tenda AC1206 firmware version 15.03.06.23, specifically in the formSetMacFilterCfg function accessible via the /goform/setMacFilterCfg endpoint. An authenticated remote attacker can exploit this vulnerability by manipulating the deviceList parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit disclosure and active exploitation indicators elevate real-world risk significantly.

Technical Context

The vulnerability exists in a web-accessible form handler (formSetMacFilterCfg) within Tenda's AC1206 wireless router firmware, classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer). The vulnerability stems from unsafe buffer handling in the deviceList parameter processing—the application fails to properly validate input length before copying data to a stack-allocated buffer, allowing attackers to overflow the buffer boundary. This is a classic stack-based buffer overflow affecting the router's firmware image version 15.03.06.23 (CPE: cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:*). The /goform/ endpoint pattern indicates a CGI-based web interface common in embedded router firmware.

Affected Products

[{'vendor': 'Tenda', 'product': 'AC1206', 'affected_versions': ['15.03.06.23'], 'cpe': 'cpe:2.3:o:tenda:ac1206_firmware:15.03.06.23:*:*:*:*:*:*:*', 'vulnerable_endpoint': '/goform/setMacFilterCfg', 'vulnerable_function': 'formSetMacFilterCfg', 'vulnerable_parameter': 'deviceList'}]

Remediation

[{'type': 'patch', 'description': 'Upgrade to a firmware version newer than 15.03.06.23 when available from Tenda', 'status': 'Patch status unknown—check Tenda support/downloads portal for AC1206 firmware updates', 'link': 'https://www.tenda.com.cn/ (check support section for AC1206 firmware downloads)'}, {'type': 'workaround', 'description': 'Restrict network access to the /goform/setMacFilterCfg endpoint via firewall rules or WAF (web application firewall) if internal access is required', 'details': 'Block external access to port 80/443 where the web interface is hosted; implement access controls limiting who can authenticate to the router'}, {'type': 'workaround', 'description': 'Disable remote management features and restrict router web interface access to LAN-only', 'details': 'Via router settings: disable WAN-side web management, disable UPnP port mapping for the web interface'}, {'type': 'mitigation', 'description': 'Implement strong authentication controls and monitor router logs for suspicious /goform/setMacFilterCfg requests', 'details': 'Change default credentials; monitor for POST requests with large deviceList parameters'}]

Priority Score

64
Low Medium High Critical
KEV: 0
EPSS: +0.4
CVSS: +44
POC: +20

Share

CVE-2025-7544 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy