CVE-2025-45429
Published: 23 April 2025
Summary
CVE-2025-45429 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Tenda Ac9 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 14.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The vulnerability is a stack-based buffer overflow, identified as CWE-121, in the /goform/WifiWpsStart endpoint of the Tenda AC9 v1.0 router running firmware V15.03.05.14_multi. It carries a CVSS 3.1 score of 9.8 and can result in remote arbitrary code execution.
Unauthenticated attackers with network access can send specially crafted requests to the affected endpoint, bypassing any authentication or user interaction requirements and achieving full control over the device, including arbitrary code execution with impacts to confidentiality, integrity, and availability.
Public references consist of GitHub disclosures detailing the flaw, but no vendor advisories, patches, or mitigation guidance are provided in the available sources. The associated EPSS score remains low, with a current value of 0.0233 and a peak of 0.0244, indicating limited observed exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-12188
Vulnerability details
In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Stack overflow in the router's public-facing web interface (/goform/WifiWpsStart) enables remote arbitrary code execution via exploitation of a public-facing application.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.