CVE-2025-69700
Published: 23 February 2026
Summary
CVE-2025-69700 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Tenda Fh1203 Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 23.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-69700 is a stack-based buffer overflow vulnerability (CWE-121) affecting the Tenda FH1203 router at version V2.0.1.6. The flaw resides in the modify_add_client_prio function, which is exposed through the formSetClientPrio CGI handler. Published on 2026-02-23, it has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity primarily due to its potential for denial-of-service impacts.
Remote attackers require no authentication or user interaction to exploit this vulnerability over the network with low attack complexity. Successful exploitation triggers a stack-based buffer overflow, leading to high availability disruption, such as device crashes or reboots, without affecting confidentiality or integrity.
For mitigation details, refer to the advisory at https://github.com/xhh0124/SemVulLLM.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-207625
Vulnerability details
Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated buffer overflow in public web CGI interface directly enables T1190 exploitation of public-facing app; resulting crash/reboot maps to T1499.004 application exploitation for DoS.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly remediates the stack-based buffer overflow in the modify_add_client_prio function by identifying, patching, and deploying firmware updates for the affected Tenda FH1203 router.
Prevents exploitation by enforcing validation of inputs to the formSetClientPrio CGI handler, directly addressing the lack of bounds checking that causes the buffer overflow.
Mitigates stack-based buffer overflow exploitation through memory protections such as stack canaries and address space layout randomization on the vulnerable router firmware.