Cyber Resilience

CVE-2025-8810

HighPublic PoC

Published: 10 August 2025

Published
10 August 2025
Modified
14 August 2025
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0068 72.0th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-8810 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Tenda Ac20 Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 28.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2025-8810 is a critical stack-based buffer overflow vulnerability affecting the Tenda AC20 router on firmware version 16.03.08.05. The flaw exists in the strcpy function within the /goform/SetFirewallCfg component, where manipulation of the firewallEn argument triggers the overflow. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-121 (Stack-based Buffer Overflow), with a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

The vulnerability enables remote exploitation by low-privileged users (PR:L) over the network, requiring low attack complexity and no user interaction. Attackers can achieve high impacts on confidentiality, integrity, and availability, potentially leading to arbitrary code execution, data compromise, or denial of service on the affected device.

Advisories from VulDB detail the issue and reference a publicly disclosed exploit on GitHub at https://github.com/LaiwanHundun/CVE/blob/main/cve1. The Tenda manufacturer's site at https://www.tenda.com.cn/ is listed among references, though specific patch details are not outlined in available descriptions.

The exploit has been disclosed to the public and may be used in attacks, as noted in vulnerability feeds.

EU & UK References

Vulnerability details

A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnerability is the function strcpy of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. The attack can be launched remotely.…

more

The exploit has been disclosed to the public and may be used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Remote stack-based buffer overflow in the Tenda AC20 router's web management interface (/goform/SetFirewallCfg) via firewallEn parameter enables arbitrary code execution (T1190: Exploit Public-Facing Application) and denial of service through application crash (T1499.004: Application or System Exploitation).

CVEs Like This One

CVE-2025-9046Same product: Tenda Ac20
CVE-2025-9089Same product: Tenda Ac20
CVE-2025-14655Same product: Tenda Ac20
CVE-2025-14654Same product: Tenda Ac20
CVE-2025-8160Same product: Tenda Ac20
CVE-2025-9087Same product: Tenda Ac20
CVE-2025-8131Same product: Tenda Ac20
CVE-2025-9088Same product: Tenda Ac20
CVE-2025-9791Same product: Tenda Ac20
CVE-2025-10815Same product: Tenda Ac20

Affected Assets

tenda
ac20 firmware
16.03.08.05

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Validates the firewallEn argument in /goform/SetFirewallCfg to prevent oversized inputs from triggering the strcpy stack-based buffer overflow.

prevent

Implements memory protections like stack canaries and non-executable stacks to mitigate exploitation of the stack-based buffer overflow in strcpy.

prevent

Mandates timely patching or remediation of the known buffer overflow flaw in the Tenda AC20 firmware's SetFirewallCfg function.

References