CVE-2025-55503 – This CVE describes a stack overflow vulnerabili... (How to Fix)

Q: What is the severity of CVE-2025-55503?

CVE-2025-55503 has a CVSS score of 7.3 (HIGH). This CVE describes a stack overflow vulnerability in Tenda AC6 routers that allows attackers to execute arbitrary code by sending specially crafted requests to the deviceName parameter in the saveParentControlInfo function. The vulnerability affects Tenda AC6 routers running firmware version V15.03.06.23_multi. Attackers can potentially gain full control of affected routers.

📋 TL;DR

This CVE describes a stack overflow vulnerability in Tenda AC6 routers that allows attackers to execute arbitrary code by sending specially crafted requests to the deviceName parameter in the saveParentControlInfo function. The vulnerability affects Tenda AC6 routers running firmware version V15.03.06.23_multi. Attackers can potentially gain full control of affected routers.

💻 Affected Systems

Products:

Tenda AC6

Versions: V15.03.06.23_multi

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects AC6 V2.0 models with RTL chipset running the specified firmware version.

📦 What is this software?

Ac6 Firmware by Tenda

View all CVEs affecting Ac6 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete router compromise, credential theft, network traffic interception, and lateral movement into connected devices.

🟠

Likely Case

Router compromise allowing attackers to change DNS settings, intercept traffic, or use the router as a foothold for further attacks.

🟢

If Mitigated

Limited impact if network segmentation prevents lateral movement and router is isolated from critical systems.

🌐 Internet-Facing: HIGH - Routers are typically internet-facing devices, and the vulnerability can be exploited remotely.

🏢 Internal Only: MEDIUM - Could be exploited by malicious insiders or compromised internal devices.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Proof of concept is publicly available on GitHub, making exploitation straightforward for attackers with basic skills.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates. 2. If update available, download and install via router admin interface. 3. Reboot router after installation.

🔧 Temporary Workarounds

Disable Parent Control Feature

all

Disable the parent control functionality that contains the vulnerable saveParentControlInfo function.

Network Segmentation

all

Isolate the router from critical internal networks to limit potential damage.

🧯 If You Can't Patch

Replace affected routers with different models or brands
Implement strict firewall rules to limit access to router management interface

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface. If version is V15.03.06.23_multi on Tenda AC6 V2.0, device is vulnerable.

Check Version:

Check router web interface at 192.168.0.1 or 192.168.1.1, navigate to System Status or About page.

Verify Fix Applied:

Verify firmware version has been updated to a version newer than V15.03.06.23_multi.

📡 Detection & Monitoring

Log Indicators:

Unusual requests to saveParentControlInfo endpoint
Multiple failed login attempts followed by successful access
Unexpected configuration changes

Network Indicators:

Unusual outbound connections from router
DNS changes to malicious servers
Traffic redirection patterns

SIEM Query:

source="router_logs" AND (uri="/goform/saveParentControlInfo" OR message="deviceName" AND length>100)

📊 Metadata

CVE ID: CVE-2025-55503

CVSS v3 Score: 7.3 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-121

EPSS Score: 0.07% exploit probability (22.2th percentile)

Published: August 20, 2025

Last Updated: August 21, 2025

🔗 References

https://github.com/SolitaryGrass/IoT_vuln/blob/main/tenda/AC6/AC6V2.0RTL_V15.03.06.23/saveParentControlInfo/poc.md Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-55503, you might also want to check these: