CVE-2025-10432
Published: 15 September 2025
Summary
CVE-2025-10432 is a critical-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda Ac1206 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 30.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates the CVE by requiring timely remediation of the stack-based buffer overflow flaw through firmware patching.
Requires validation of the wanMTU input parameter in the HTTP request handler to prevent the buffer overflow exploitation.
Implements memory protections such as stack guards and non-executable stacks to comprehensively mitigate stack-based buffer overflow attacks.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unauthenticated remote stack-based buffer overflow in the router's public-facing HTTP handler (/goform/AdvSetMacMtuWa) enables exploitation of a public-facing application for initial access/remote code execution (T1190) or application crash/denial of service (T1499.004).
NVD Description
A vulnerability was found in Tenda AC1206 15.03.06.23. This vulnerability affects the function check_param_changed of the file /goform/AdvSetMacMtuWa of the component HTTP Request Handler. Performing manipulation of the argument wanMTU results in stack-based buffer overflow. Remote exploitation of the attack…
more
is possible. The exploit has been made public and could be used.
Deeper analysisAI
CVE-2025-10432 is a stack-based buffer overflow vulnerability affecting the Tenda AC1206 router on firmware version 15.03.06.23. The flaw exists in the check_param_changed function within the /goform/AdvSetMacMtuWa file of the HTTP Request Handler component. Attackers can trigger the overflow by manipulating the wanMTU argument during an HTTP request.
The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), making it critically severe. Remote, unauthenticated attackers with network access can exploit it without user interaction, potentially achieving full compromise including arbitrary code execution, data theft, or denial of service. A public proof-of-concept exploit is available, enabling straightforward remote exploitation.
Advisories documented on VulDB (ctiid.323866, id.323866, submit.647527) detail the issue and reference the exploit. A proof-of-concept is hosted on GitHub at https://github.com/M4st3rYi/IoTVulPocs/blob/main/Tenda/AC1206/fromAdvSetMacMtuWan.md. Practitioners should monitor the vendor site at https://www.tenda.com.cn/ for firmware updates or mitigation recommendations. The vulnerability maps to CWEs 119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and 121 (Stack-based Buffer Overflow).
Details
- CWE(s)