Cyber Resilience

CVE-2025-29462

CriticalPublic PoC

Published: 03 April 2025

Published
03 April 2025
Modified
22 April 2025
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0067 71.9th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-29462 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in Tenda Ac15 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 28.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

A buffer overflow vulnerability exists in the Tenda AC15 router running firmware version V15.13.07.13. The flaw is located in the webCgiGetUploadFile function, which invokes socketRead to handle incoming HTTP request messages and performs an unbounded copy that overwrites a stack buffer. The issue is tracked as CWE-120 and carries a CVSS 3.1 score of 9.8.

An unauthenticated attacker can send a crafted HTTP request over the network to trigger the overflow. Successful exploitation grants the attacker the ability to corrupt stack memory, leading to remote code execution with full control over confidentiality, integrity, and availability of the device.

The single available reference is a technical write-up hosted on HackMD; no vendor advisory or firmware patch information is supplied in the published record. The associated EPSS score remains low, with a current value of 0.0067 and a modest peak of 0.0103.

EU & UK References

Vulnerability details

A buffer overflow vulnerability has been discovered in Tenda Ac15 V15.13.07.13. The vulnerability occurs when the webCgiGetUploadFile function calls the socketRead function to process HTTP request messages, resulting in the overwriting of a buffer on the stack.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

tenda
ac15 firmware
15.13.07.13

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-120

Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.

References