CVE-2025-4810
Published: 16 May 2025
Summary
CVE-2025-4810 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda AC7 firmware. Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 21.5% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
Deeper analysis
A vulnerability has been identified in Tenda AC7 firmware version 15.03.06.44 within the formSetRebootTimer function of the /goform/SetRebootTimer endpoint. Improper handling of the reboot_time argument allows a stack-based buffer overflow, tracked under CWE-119, CWE-121, and CWE-787. The issue is remotely triggerable and carries a CVSS 4.0 score of 8.7 with high impact on confidentiality, integrity, and availability.
An authenticated remote attacker can supply a crafted reboot_time value to the affected endpoint, leading to memory corruption that may result in arbitrary code execution or device instability. Public exploit code has been disclosed, enabling potential reuse by threat actors with network access to the router's management interface.
The associated EPSS score remains low and unchanged at 0.0110 with no observed upward trajectory after disclosure. No vendor advisory or patch information is referenced in the available sources.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-15547
Vulnerability details
A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboot_time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise Techniques AI
Why these techniques?
Stack-based buffer overflow in the remote web interface (/goform/SetRebootTimer) of the public-facing Tenda AC7 router enables remote code execution via exploitation of a public-facing application.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Memory protections (e.g., W^X, ASLR) make exploitation of buffer-boundary violations far harder to turn into code execution.
Ongoing control assessments and code testing (static/dynamic analysis, fuzzing) surface memory buffer restriction failures, which are then remediated before release.
Managed runtimes used by platform-independent applications (e.g., JVM, CLR) enforce memory safety, preventing most buffer overflows that require direct memory manipulation.
Detects exploitation attempts that produce memory corruption, crashes, or anomalous behavior.
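An added example, not taken from the original page or from any vendor tooling: a Python check that scans request records for /goform/SetRebootTimer calls whose reboot_time value is longer than a legitimate setting would be. The tab-separated record layout, the sample records, the `/goform/OtherForm` path and the 16-character threshold are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "/goform/SetRebootTimer"  # endpoint named in the CVE description
PARAM = "reboot_time"                # argument named in the CVE description
MAX_EXPECTED_LEN = 16                # assumption: a legitimate timer value is short

# Constructed sample records: source<TAB>method<TAB>URL<TAB>form body
SAMPLE_LOG = [
    "192.0.2.10\tPOST\t/goform/SetRebootTimer\treboot_time=03%3A30&enable=1",
    "192.0.2.44\tPOST\t/goform/SetRebootTimer\tenable=1&reboot_time=" + "A" * 600,
    "192.0.2.44\tGET\t/goform/SetRebootTimer?reboot_time=" + "%41" * 200 + "\t",
    "192.0.2.10\tPOST\t/goform/OtherForm\treboot_time=" + "B" * 600,
    "malformed line without tabs",
]


def param_values(url, body):
    """Return (path, decoded PARAM values) taken from the query string and form body."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    pairs += parse_qsl(body, keep_blank_values=True)
    return parts.path, [value for key, value in pairs if key == PARAM]


def find_suspicious(lines, max_len=MAX_EXPECTED_LEN):
    """Return (line number, source, length) for each oversized reboot_time request."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        fields = line.rstrip("\n").split("\t")
        if len(fields) != 4:
            continue  # skip records that do not match the assumed layout
        src, _method, url, body = fields
        path, values = param_values(url, body)
        if path.rstrip("/") != ENDPOINT:
            continue  # only the affected handler is of interest
        # Measure the percent-decoded value, which is what the handler receives.
        longest = max((len(v) for v in values), default=0)
        if longest > max_len:
            hits.append((lineno, src, longest))
    return hits


if __name__ == "__main__":
    for lineno, src, length in find_suspicious(SAMPLE_LOG):
        print(f"line {lineno}: {src} sent {PARAM} of {length} characters")
```

Set `MAX_EXPECTED_LEN` from the values the device's own web UI submits for this setting before relying on the alert.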