CVE-2025-7598

| EUVD-2025-21338 HIGH
2025-07-14 [email protected]
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 16, 2026 - 09:43 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 09:43 euvd
EUVD-2025-21338
PoC Detected
Jul 16, 2025 - 14:33 vuln.today
Public exploit code
CVE Published
Jul 14, 2025 - 11:15 nvd
HIGH 8.8

Tags

Buffer Overflow RCE Ax1803 Firmware Tenda

Description

A vulnerability classified as critical was found in Tenda AX1803 1.0.0.1. Affected by this vulnerability is the function formSetWifiMacFilterCfg of the file /goform/setWifiFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-7598 is a critical stack-based buffer overflow vulnerability in Tenda AX1803 router (version 1.0.0.1) affecting the WiFi MAC filter configuration endpoint. An authenticated remote attacker can exploit improper input validation in the deviceList parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impacts). Public exploit code has been disclosed and the vulnerability may be actively exploited.

Technical Context

The vulnerability exists in the formSetWifiMacFilterCfg function within the /goform/setWifiFilterCfg endpoint of Tenda AX1803 firmware. This is a network device management interface vulnerable to CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), specifically a stack-based buffer overflow. The deviceList parameter is passed to a fixed-size stack buffer without proper bounds checking, allowing an attacker to overflow adjacent stack memory including return addresses. Tenda AX1803 is a budget WiFi router running proprietary firmware; the affected endpoint is accessible via HTTP/HTTPS from the LAN management interface. The CPE identifier would be cpe:2.3:h:tenda:ax1803:1.0.0.1:*:*:*:*:*:*:* for the hardware and corresponding firmware component.

Affected Products

[{'vendor': 'Tenda', 'product': 'AX1803', 'affected_versions': ['1.0.0.1'], 'affected_component': 'WiFi MAC Filter Configuration (/goform/setWifiFilterCfg)', 'cpe': 'cpe:2.3:h:tenda:ax1803:1.0.0.1:*:*:*:*:*:*:*', 'device_type': 'Wireless Router (WiFi 6 / 802.11ax)'}]

Remediation

[{'type': 'patch', 'description': "Update Tenda AX1803 firmware to version newer than 1.0.0.1. Check Tenda's official support website (https://www.tenda.com.cn or regional variant) for latest firmware release.", 'priority': 'Critical', 'note': 'Specific patched version not disclosed in public CVE data; contact Tenda support or monitor their security advisories.'}, {'type': 'mitigation', 'description': 'Restrict LAN access to the router management interface (/goform endpoints) via firewall rules. Disable remote management if enabled.', 'priority': 'High'}, {'type': 'mitigation', 'description': 'Enforce strong, unique credentials for router administrative access to reduce likelihood of unauthorized authenticated access.', 'priority': 'High'}, {'type': 'workaround', 'description': 'Isolate Tenda AX1803 from trusted networks containing sensitive systems until patch is available. Consider replacing device with patched alternative if critical deployment.', 'priority': 'Medium'}]

Priority Score

64
Low Medium High Critical
KEV: 0
EPSS: +0.4
CVSS: +44
POC: +20

Share

CVE-2025-7598 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy