CVE-2025-14655

8.8 HIGH

📋 TL;DR

A stack-based buffer overflow vulnerability in Tenda AC20 routers allows remote attackers to execute arbitrary code by manipulating the rebootTime parameter. This affects Tenda AC20 routers running firmware version 16.03.08.12. Attackers can exploit this without authentication to potentially take full control of affected devices.

💻 Affected Systems

Products:
  • Tenda AC20
Versions: 16.03.08.12
Operating Systems: Embedded Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific firmware version; other versions may be unaffected.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete device compromise, lateral movement to internal networks, and persistent backdoor installation.

🟠 Likely Case: Device takeover for botnet enrollment, credential theft, or network traffic interception.

🟢 If Mitigated: Denial of service or device reboot if exploit fails or protections block execution.

🌐 Internet-Facing: HIGH - Remote exploitation without authentication makes internet-facing devices prime targets.
🏢 Internal Only: MEDIUM - Internal devices still vulnerable but require network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code exists, making exploitation straightforward for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: Yes

Instructions:

Check Tenda website for firmware updates. If available, download and install via router admin interface. Reboot router after update.

🔧 Temporary Workarounds

  • Disable remote management (all platforms): Prevent external access to router admin interface
  • Network segmentation (all platforms): Isolate router management interface from untrusted networks

🧯 If You Can't Patch

  • Replace affected devices with patched or different models
  • Implement strict network access controls to limit exposure

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface. If version is 16.03.08.12, device is vulnerable.

Check Version:

Check via router web interface at 192.168.0.1 or 192.168.1.1

Verify Fix Applied:

Verify firmware version has changed from 16.03.08.12 after update.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to /goform/SetSysAutoRebbotCfg
  • Multiple failed reboot attempts
  • Unexpected device reboots

Network Indicators:

  • Suspicious traffic to router management port (typically 80/443)
  • Exploit pattern matching in network traffic

SIEM Query:

source_ip=* dest_ip=router_ip dest_port=80 uri_path="/goform/SetSysAutoRebbotCfg" method=POST
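
The query above matches every POST to the endpoint, including legitimate schedule changes. The following added example (not part of the original advisory or any vendor tooling) triages such events by source subnet and `rebootTime` length. The key=value event format, the `body` field, the 16-character limit and the management subnet are assumptions for illustration.

```python
import ipaddress
import shlex
from urllib.parse import parse_qs

ENDPOINT = "/goform/SetSysAutoRebbotCfg"  # path named in the advisory
PARAM = "rebootTime"                       # parameter named in the advisory
MAX_PARAM_LEN = 16   # assumption: a legitimate time value is short
MGMT_NETS = [ipaddress.ip_network("192.168.0.0/24")]  # assumption: admin subnet

def parse_event(line):
    """Split one key=value event (values may be double-quoted) into a dict."""
    return dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)

def classify(event):
    """Return None for unrelated traffic, else (severity, reasons)."""
    if event.get("method") != "POST" or event.get("uri_path") != ENDPOINT:
        return None
    reasons = []
    src = ipaddress.ip_address(event["source_ip"])
    if not any(src in net for net in MGMT_NETS):
        reasons.append("source outside management subnet")
    # 'body' is a hypothetical field holding the url-encoded POST body.
    values = parse_qs(event.get("body", ""), keep_blank_values=True).get(PARAM, [])
    if any(len(v) > MAX_PARAM_LEN for v in values):
        reasons.append("oversized %s (%d chars)" % (PARAM, max(map(len, values))))
    return ("high" if reasons else "info"), reasons

def scan(lines):
    """Yield (source_ip, severity, reasons) for each event hitting the endpoint."""
    for line in lines:
        event = parse_event(line)
        verdict = classify(event)
        if verdict:
            yield (event["source_ip"], *verdict)

# Constructed sample events (not real traffic).
SAMPLE = [
    'source_ip=192.168.0.10 dest_ip=192.168.0.1 dest_port=80 '
    'uri_path="/goform/SetSysAutoRebbotCfg" method=POST body="rebootTime=03:00"',
    'source_ip=203.0.113.7 dest_ip=192.168.0.1 dest_port=80 '
    'uri_path="/goform/SetSysAutoRebbotCfg" method=POST body="rebootTime=' + "A" * 300 + '"',
    'source_ip=192.168.0.10 dest_ip=192.168.0.1 dest_port=80 uri_path="/index.html" method=GET',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

Events rated `info` are still worth retaining, since any request to this endpoint from an unexpected host deserves a look on a device running 16.03.08.12.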
