CVE-2025-67073 in AC10
Summary
by MITRE • 12/17/2025
A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `serviceName`) to /goform/AdvSetMacMtuWan.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 12/17/2025
This vulnerability exists within the Tenda AC10V4.0 V16.03.10.20 firmware's httpd binary where the function fromAdvSetMacMtuWan processes incoming HTTP POST requests. The flaw manifests as a classic buffer overflow condition in the handling of the `serviceName` field parameter within the /goform/AdvSetMacMtuWan endpoint. Attackers can exploit this by crafting malicious HTTP POST requests that exceed the allocated buffer space, causing memory corruption in the web server process. The vulnerability represents a critical security risk as it allows remote unauthenticated attackers to compromise the device's operational integrity.
The technical implementation of this buffer overflow stems from improper input validation and bounds checking within the firmware's web interface handling code. When the httpd service receives a POST request containing the crafted `serviceName` field, it fails to properly validate the length of the input data before copying it into a fixed-size buffer. This classic programming error falls under CWE-121, which describes stack-based buffer overflow conditions. The vulnerability is particularly dangerous because it occurs in a network-facing service that handles administrative configuration requests, making it accessible to any remote attacker without authentication requirements.
The operational impact of this vulnerability extends beyond simple denial of service to potentially enabling remote code execution on the affected device. When the buffer overflow occurs, it can corrupt adjacent memory locations including return addresses and function pointers, which may allow attackers to redirect execution flow or inject malicious code. This represents a significant threat to network security as the affected device serves as a router or access point, potentially providing attackers with persistent access to the local network. The vulnerability affects the device's ability to maintain normal network operations and could lead to complete system compromise.
Mitigation strategies should prioritize immediate firmware updates from Tenda to address the buffer overflow condition through proper input validation and bounds checking. Network administrators should implement network segmentation to limit access to the affected device's web interface and consider disabling unnecessary administrative services when possible. The vulnerability aligns with ATT&CK technique T1210, which covers exploitation of remote services for privilege escalation. Organizations should also monitor network traffic for suspicious POST requests targeting the specific endpoint and implement intrusion detection systems to identify exploitation attempts. Additionally, the device should be configured to use strong authentication mechanisms and network access controls to limit exposure to potential attackers.