Details of VAR-202506-0320

ID

VAR-202506-0320

CVE

CVE-2025-5609

TITLE

Shenzhen Tenda Technology Co.,Ltd. of AC18 Buffer error vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2025-007208

DESCRIPTION

A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Shenzhen Tenda Technology Co.,Ltd. of AC18 The firmware contains a buffer error vulnerability and a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Remote attackers can use this vulnerability to submit special requests and execute arbitrary code in the context of the application

Trust: 2.16

sources: NVD: CVE-2025-5609 // JVNDB: JVNDB-2025-007208 // CNVD: CNVD-2025-12408

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-12408

AFFECTED PRODUCTS

vendor:	tenda	model:	ac18	scope:	eq	version:	15.03.05.05	Trust: 1.0
vendor:	tenda	model:	ac18	scope:	-	version:	-	Trust: 0.8
vendor:	tenda	model:	ac18	scope:	eq	version:	-	Trust: 0.8
vendor:	tenda	model:	ac18	scope:	eq	version:	ac18 firmware 15.03.05.05	Trust: 0.8
vendor:	none	model:	-	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2025-12408 // JVNDB: JVNDB-2025-007208 // NVD: CVE-2025-5609

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-5609
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-007208
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-12408
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-5609
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-007208
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-12408
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-5609
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-007208
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-12408 // JVNDB: JVNDB-2025-007208 // NVD: CVE-2025-5609

PROBLEMTYPE DATA

problemtype:	CWE-119	Trust: 1.0
problemtype:	CWE-120	Trust: 1.0
problemtype:	Buffer error (CWE-119) [ others ]	Trust: 0.8
problemtype:	Classic buffer overflow (CWE-120) [NVD evaluation ]	Trust: 0.8
problemtype:	Classic buffer overflow (CWE-120) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-007208 // NVD: CVE-2025-5609

PATCH

title:

Patch for Tenda AC18 /goform/AdvSetLanip handles lanMask parameter buffer overflow vulnerability

url:

https://www.cnvd.org.cn/patchInfo/show/697201

Trust: 0.6

sources: CNVD: CNVD-2025-12408

EXTERNAL IDS

db:	NVD	id:	CVE-2025-5609	Trust: 3.2
db:	VULDB	id:	311095	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-007208	Trust: 0.8
db:	CNVD	id:	CNVD-2025-12408	Trust: 0.6

sources: CNVD: CNVD-2025-12408 // JVNDB: JVNDB-2025-007208 // NVD: CVE-2025-5609

REFERENCES

url:	https://lavender-bicycle-a5a.notion.site/tenda-ac18-fromadvsetlanip-20653a41781f800fbc7bf9ca193c08e3?source=copy_link	Trust: 1.8
url:	https://vuldb.com/?id.311095	Trust: 1.8
url:	https://vuldb.com/?submit.588936	Trust: 1.8
url:	https://www.tenda.com.cn/	Trust: 1.8
url:	https://vuldb.com/?ctiid.311095	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-5609	Trust: 0.8
url:	https://lavender-bicycle-a5a.notion.site/tenda-ac18-fromadvsetlanip-20653a41781f800fbc7bf9ca193c08e3	Trust: 0.6

sources: CNVD: CNVD-2025-12408 // JVNDB: JVNDB-2025-007208 // NVD: CVE-2025-5609

SOURCES

db:	CNVD	id:	CNVD-2025-12408
db:	JVNDB	id:	JVNDB-2025-007208
db:	NVD	id:	CVE-2025-5609

LAST UPDATE DATE

2025-06-19T23:23:48.079000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-12408	date:	2025-06-13T00:00:00
db:	JVNDB	id:	JVNDB-2025-007208	date:	2025-06-18T07:24:00
db:	NVD	id:	CVE-2025-5609	date:	2025-06-17T20:41:04.957

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-12408	date:	2025-06-13T00:00:00
db:	JVNDB	id:	JVNDB-2025-007208	date:	2025-06-18T00:00:00
db:	NVD	id:	CVE-2025-5609	date:	2025-06-04T20:15:25.030