CVE-2025-71019
Published: 15 January 2026
Summary
CVE-2025-71019 is a high-severity stack-based buffer overflow (CWE-121) in Tenda AX-1806 router firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 31.3rd percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Deeper analysis
CVE-2025-71019 is a stack-based buffer overflow (CWE-121) in the Tenda AX-1806 router running firmware v1.0.0.1, disclosed on 15 January 2026. The flaw lies in the handling of the wanSpeed parameter inside the function the disclosure calls sub_65B5C (an auto-generated disassembler name for an unnamed routine in the firmware binary). It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
An unauthenticated attacker with network access to the device's web interface can trigger the flaw by sending a request whose wanSpeed value is longer than the fixed-size stack buffer that receives it. The resulting stack overflow crashes the handling code, a denial of service (DoS) that disrupts device availability. The vector scores availability only (A:H); no confidentiality or integrity impact is claimed for this issue as assessed.
Further details, including potential mitigation guidance, are available in the referenced advisory at https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-1806/9/1.md.
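The following C listing is an added illustration of the bug class described above and is not code from the Tenda firmware or from the disclosure. The internals of sub_65B5C are not on this page, so the buffer size (WAN_SPEED_MAX), the allow-list of speed values, the request body format and the function names are all assumed. It places the unbounded-copy pattern that produces a CWE-121 overflow beside a hardened handler that bounds the copy and validates the value, the SI-10 style control named later on the page:

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed size of the on-stack copy of wanSpeed. The real size inside
 * sub_65B5C is not given on the page; 16 is a placeholder. */
#define WAN_SPEED_MAX 16

/* Hypothetical stand-in for the vulnerable pattern (CWE-121): the parameter
 * value is copied into a fixed-size stack buffer with no length check, so a
 * value of WAN_SPEED_MAX bytes or more writes past the buffer and corrupts
 * the stack frame. Shown for contrast only; never feed it untrusted input. */
int set_wan_speed_vulnerable(const char *value)
{
    char speed[WAN_SPEED_MAX];
    strcpy(speed, value);            /* unbounded copy: the overflow */
    return (int)strlen(speed);
}

/* How many bytes a given value would write past the fixed buffer in the
 * vulnerable pattern (strcpy also copies the terminating NUL). 0 = fits. */
int wan_speed_overflow_bytes(const char *value)
{
    size_t needed = strlen(value) + 1;
    return needed > WAN_SPEED_MAX ? (int)(needed - WAN_SPEED_MAX) : 0;
}

/* Extract the value of a form parameter (name=value&name2=value2) into a
 * caller-supplied buffer. Returns the value length, or -1 if the parameter
 * is absent or its value would not fit. A long value is rejected outright
 * rather than truncated, so the caller never sees a partial value. */
int extract_param(const char *body, const char *name, char *out, size_t outsz)
{
    size_t nlen = strlen(name);
    const char *p = body;
    while (p && *p) {
        if (strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            const char *v = p + nlen + 1;
            const char *end = strchr(v, '&');
            size_t vlen = end ? (size_t)(end - v) : strlen(v);
            if (vlen >= outsz) return -1;        /* would overrun: reject */
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return (int)vlen;
        }
        p = strchr(p, '&');
        if (p) p++;
    }
    return -1;
}

/* Allow-list for wanSpeed. The real accepted values are not on the page;
 * this set is assumed for illustration. */
static const char *const allowed_speeds[] = { "auto", "10", "100", "1000" };

int validate_wan_speed(const char *value)
{
    if (value == NULL) return -1;
    for (size_t i = 0; i < sizeof allowed_speeds / sizeof allowed_speeds[0]; i++)
        if (strcmp(value, allowed_speeds[i]) == 0) return 0;
    return -1;
}

/* Hardened handler: bounded extraction, then allow-list validation, before
 * anything is written into a fixed buffer. Returns 0 if accepted, -1 if not. */
int handle_wan_speed_request(const char *body, char *speed_out, size_t outsz)
{
    char value[WAN_SPEED_MAX];
    if (extract_param(body, "wanSpeed", value, sizeof value) < 0) return -1;
    if (validate_wan_speed(value) != 0) return -1;
    snprintf(speed_out, outsz, "%s", value);
    return 0;
}

/* Convenience wrapper: 1 if the whole request body is accepted, else 0. */
int wan_speed_request_accepted(const char *body)
{
    char speed[WAN_SPEED_MAX];
    return handle_wan_speed_request(body, speed, sizeof speed) == 0;
}

int main(void)
{
    /* Constructed sample bodies: a benign request and a crafted one whose
     * wanSpeed value is far longer than the stack buffer. */
    const char *benign = "wanSpeed=100&wanMTU=1500";
    char crafted[256] = "wanSpeed=";
    memset(crafted + 9, 'A', 200);
    crafted[209] = '\0';

    printf("benign accepted:  %d\n", wan_speed_request_accepted(benign));
    printf("crafted accepted: %d\n", wan_speed_request_accepted(crafted));
    printf("crafted overruns the buffer by %d bytes\n",
           wan_speed_overflow_bytes(crafted + 9));
    /* set_wan_speed_vulnerable(crafted + 9) would smash the stack here. */
    return 0;
}
```

The hardened path rejects rather than truncates, which matters for a router: silently truncating "1000AAAA..." to "1000" would accept an attacker-shaped value. Stack canaries and ASLR (SI-16) would turn the strcpy overrun into a detected abort instead of silent corruption, but the process still dies, so only the input-side check removes the DoS.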
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2794
Vulnerability details
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the wanSpeed parameter of the sub_65B5C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CWE(s): CWE-121 (Stack-based Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
- T1499.004 Endpoint Denial of Service: Application or System Exploitation
Why these techniques?
An unauthenticated stack overflow reachable through the router's public-facing web interface is a direct instance of T1190, and the crash produced by the crafted request is the application/system exploitation form of endpoint DoS, T1499.004.
Affected Assets
- Tenda AX-1806 router, firmware v1.0.0.1
Mitigating Controls (NIST 800-53 r5)
- SI-10 Information Input Validation: directly enforces validation of inputs such as the wanSpeed parameter (a length bound and a check against the accepted values) so that a crafted request cannot overrun the stack buffer.
- SI-16 Memory Protection: stack canaries, address space layout randomization and a non-executable stack limit what a stack-based overflow can achieve. Note that a canary turns the overrun into a detected abort, so these protections reduce exploitability but do not by themselves remove the crash-driven DoS.
- SI-2 Flaw Remediation: mandates timely identification and remediation of software flaws such as this overflow via vendor firmware patching.