CVE-2025-70252
Published: 02 March 2026
Summary
CVE-2025-70252 is a high-severity stack-based buffer overflow (CWE-121) in Tenda AC6 firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Application or System Exploitation (T1499.004). The CVE ranks at the 7.1th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced.
Threat & Defense Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack-based buffer overflow in network-exposed web endpoint directly enables remote unauthenticated DoS via application/system exploitation (T1499.004).
NVD Description
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23_multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check, which leads to a stack overflow vulnerability.
Deeper analysis
CVE-2025-70252 is a stack overflow vulnerability in the /goform/WifiWpsStart component of Tenda AC6V2.0 running firmware version V15.03.06.23_multi. The vulnerability arises because the controllable parameters index and mode are spliced into a tmp buffer using sprintf without any size checks, allowing buffer overflow when certain conditions are met. It is classified under CWE-121 (Stack-based Buffer Overflow) with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
The vulnerability can be exploited remotely over the network by unauthenticated attackers with low complexity and no user interaction required. Successful exploitation leads to denial of service through high-impact availability disruption, such as device crashes, but does not enable confidentiality or integrity violations.
Mitigation details are available in the vendor advisory at https://www.tenda.com.cn/material/show/2855. Additional technical analysis is provided in the GitHub repository at https://github.com/akuma-QAQ/CVEreport/tree/main/D-link/CVE-2025-70252.
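The unchecked sprintf pattern described above, next to a bounded form that rejects oversized parameters, as an added example (this is not the firmware's or the reporter's code). The buffer size, the format string, the function names and the sample mode value `pbc` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define TMP_SIZE 64            /* assumed; the page does not state the real size */
#define FMT "idx=%s;mode=%s"   /* constructed format, not the firmware's */

/* Pattern the advisory describes, kept for contrast and never called here:
 * request-controlled strings formatted into a fixed buffer, no length check. */
void build_unchecked(char *tmp, const char *index, const char *mode)
{
    sprintf(tmp, FMT, index, mode);   /* writes past tmp when inputs are long */
}

/* Hardened form: bounded write plus truncation detection.
 * Returns 0 on success, -1 if an input is missing or the result does not fit. */
int build_checked(char *tmp, size_t tmp_size, const char *index, const char *mode)
{
    if (tmp == NULL || tmp_size == 0 || index == NULL || mode == NULL)
        return -1;
    int n = snprintf(tmp, tmp_size, FMT, index, mode);
    if (n < 0 || (size_t)n >= tmp_size) {
        tmp[0] = '\0';   /* do not pass a truncated value on */
        return -1;
    }
    return 0;
}

/* Hypothetical handler: HTTP-style status, 400 for missing or oversized input. */
int handle_wps_start(const char *index, const char *mode)
{
    char tmp[TMP_SIZE];
    return build_checked(tmp, sizeof tmp, index, mode) == 0 ? 200 : 400;
}

/* Drives the handler with an index value of `len` bytes (constructed input). */
int status_for_index_len(size_t len)
{
    char index[1024];
    if (len >= sizeof index)
        len = sizeof index - 1;
    memset(index, 'A', len);
    index[len] = '\0';
    return handle_wps_start(index, "pbc");
}

int main(void)
{
    printf("1-byte index:   %d\n", status_for_index_len(1));
    printf("500-byte index: %d\n", status_for_index_len(500));
    return 0;
}
```

Checking snprintf's return value against the buffer size matters as much as the bound itself: a silently truncated string avoids the overflow but can still feed a malformed value to later code.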
Details
- CWE(s)