CVE-2025-71023
Published: 13 January 2026
Summary
CVE-2025-71023 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Tenda AX3 firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 25.1st percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-Service Protection) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-71023 is a stack overflow vulnerability in the Tenda AX-3 router running firmware version v16.03.12.10_CN. The flaw occurs in the mac2 parameter of the fromAdvSetMacMtuWan function, which can be triggered by a crafted request.
Remote attackers can exploit this vulnerability with no required privileges, authentication, or user interaction over the network. Successful exploitation leads to a Denial of Service (DoS) condition, with no impact on confidentiality or integrity. The vulnerability has a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is associated with CWE-121 (Stack-based Buffer Overflow).
Additional details are available in the referenced advisory at https://github.com/0-fool/VulnbyCola/blob/main/Tenda/AX-3/11/1.md.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2083
Vulnerability details
Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the mac2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
- CWE(s): CWE-121 (Stack-based Buffer Overflow)
Related Threats
MITRE ATT&CK Enterprise Techniques
- Exploit Public-Facing Application (T1190)
Why these techniques?
A stack overflow in the router's public-facing web interface (fromAdvSetMacMtuWan) lets an unauthenticated remote attacker send a crafted request that causes a DoS, which is exploitation of a public-facing application.
Mitigating Controls (NIST 800-53 r5)
- Directly remediates the stack overflow flaw in the fromAdvSetMacMtuWan function through timely firmware patching to eliminate the vulnerability.
- SI-10 (Information Input Validation): validates the mac2 parameter in crafted requests to prevent stack overflows that lead to DoS.
- SC-5 (Denial-of-Service Protection): protects against DoS impacts from remote stack overflow exploitation by limiting effects on system availability.
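As an added illustration of the SI-10 control above (this is example code written for this page, not code from the advisory, the proof-of-concept, or Tenda's firmware), the following C routine shows the bounded check a request handler for a MAC-address parameter such as mac2 can apply before anything reaches a fixed-size stack buffer. The function names, the 17-character canonical form, and the handler wrapper are assumptions.

```c
#include <ctype.h>
#include <string.h>

/* Canonical text form "aa:bb:cc:dd:ee:ff": 17 characters plus the NUL. */
#define MAC_TEXT_LEN 17
#define MAC_BUF_SIZE (MAC_TEXT_LEN + 1)

/* Bounded validator for a MAC-address request parameter (hypothetical name).
 * The CWE-121 pattern is an unbounded copy of the raw parameter into a
 * fixed-size stack buffer; here length and format are checked before any
 * byte is written, and the destination size is passed explicitly.
 * Returns 0 and fills `out` (lower-cased) on success, -1 otherwise;
 * on failure `out` is an empty string. */
int validate_mac_param(const char *in, char *out, size_t out_size)
{
    if (in == NULL || out == NULL || out_size < MAC_BUF_SIZE)
        return -1;
    out[0] = '\0';

    /* Bounded scan: never walk an attacker-controlled string to its end. */
    size_t n = 0;
    while (n < MAC_BUF_SIZE && in[n] != '\0')
        n++;
    if (n != MAC_TEXT_LEN)              /* too short, or overlong (n == 18) */
        return -1;

    for (size_t i = 0; i < MAC_TEXT_LEN; i++) {
        unsigned char c = (unsigned char)in[i];
        int ok = (i % 3 == 2) ? (c == ':') : isxdigit(c);
        if (!ok) {
            out[0] = '\0';              /* discard any partial copy */
            return -1;
        }
        out[i] = (char)tolower(c);
    }
    out[MAC_TEXT_LEN] = '\0';
    return 0;
}

/* Handler-style wrapper (hypothetical): the stack buffer is sized to the
 * validated form and nothing is copied into it unless validation passes. */
int set_wan_mac(const char *mac2_param)
{
    char mac[MAC_BUF_SIZE];
    if (validate_mac_param(mac2_param, mac, sizeof mac) != 0)
        return -1;                      /* reject the request; nothing overflowed */
    /* ... apply `mac` to the WAN interface here ... */
    return 0;
}
```

Because the scan stops at 18 bytes, an overlong parameter is rejected without ever being read to its end, let alone copied onto the stack.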