CVE-2025-29135
Published: 24 March 2025
Summary
CVE-2025-29135 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Tenda Ac7 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 25.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
A stack-based buffer overflow vulnerability, tracked as CVE-2025-29135 and assigned CWE-121, affects the Tenda AC7 wireless router running firmware version V15.03.06.44. The flaw resides in the formWifiBasicSet function, where the security parameter is processed without adequate bounds checking, enabling a stack overflow condition that can lead to arbitrary code execution. The issue carries a CVSS 3.1 base score of 9.8, reflecting network-accessible attack complexity that is low and requires no authentication or user interaction.
Remote attackers can exploit the vulnerability by sending a crafted HTTP request containing an oversized security parameter to the router's web management interface. Successful exploitation grants the attacker the ability to execute arbitrary code with full read, write, and control privileges over the device, resulting in complete compromise of confidentiality, integrity, and availability.
Public references consist of technical write-ups and proof-of-concept material hosted on GitHub that detail the buffer overflow mechanics but contain no vendor advisory, patch information, or mitigation guidance. The associated EPSS score remains low, with a current value of 0.0080 and a recorded peak of 0.0155, indicating limited observed exploitation interest to date.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-8017
Vulnerability details
A stack-based buffer overflow vulnerability in Tenda AC7 V15.03.06.44 allows a remote attacker to execute arbitrary code through a stack overflow attack using the security parameter of the formWifiBasicSet function.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Stack-based buffer overflow in router web form handling function (formWifiBasicSet) enables remote unauthenticated arbitrary code execution on a public-facing network device.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires validation of the security parameter in formWifiBasicSet to directly prevent stack-based buffer overflows from oversized or malformed inputs.
Implements memory protections such as stack canaries and address space layout randomization to mitigate exploitation of the stack overflow for arbitrary code execution.
Mandates timely identification, reporting, and patching of the buffer overflow flaw in Tenda AC7 firmware to eliminate the vulnerability.