CVE-2025-5629 – A critical buffer overflow vulnerability in Ten... (How to Fix)

Q: What is the severity of CVE-2025-5629?

CVE-2025-5629 has a CVSS score of 8.8 (HIGH). A critical buffer overflow vulnerability in Tenda AC10 routers allows remote attackers to execute arbitrary code by sending specially crafted HTTP requests to the formSetPPTPServer function. This affects all Tenda AC10 routers running firmware version 15.03.06.47 or earlier. Attackers can exploit this without authentication to potentially take full control of affected devices.

📋 TL;DR

A critical buffer overflow vulnerability in Tenda AC10 routers allows remote attackers to execute arbitrary code by sending specially crafted HTTP requests to the formSetPPTPServer function. This affects all Tenda AC10 routers running firmware version 15.03.06.47 or earlier. Attackers can exploit this without authentication to potentially take full control of affected devices.

💻 Affected Systems

Products:

Tenda AC10

Versions: Up to and including 15.03.06.47

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Affects the HTTP handler component; vulnerable by default when the PPTP server feature is accessible.

📦 What is this software?

Ac10 Firmware by Tenda

View all CVEs affecting Ac10 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, enabling attackers to install malware, pivot to internal networks, or create persistent backdoors.

🟠

Likely Case

Remote code execution resulting in device takeover, network traffic interception, or participation in botnets.

🟢

If Mitigated

Limited impact if devices are behind firewalls with strict inbound filtering or if vulnerable interfaces are not exposed.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable via HTTP requests, making internet-facing devices immediate targets.

🏢 Internal Only: HIGH - Even internally, attackers on the local network can exploit this without authentication.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit details are publicly available on GitHub, making this easily weaponizable by attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.tenda.com.cn/

Restart Required: Yes

Instructions:

1. Check Tenda's official website for firmware updates. 2. If an update is available, download the latest firmware for AC10. 3. Log into router admin interface. 4. Navigate to firmware upgrade section. 5. Upload and apply the new firmware. 6. Reboot the router.

🔧 Temporary Workarounds

Disable PPTP Server

all

Disable the vulnerable PPTP server feature if not needed.

Network Segmentation

all

Isolate affected routers in separate network segments with strict firewall rules.

🧯 If You Can't Patch

Block inbound HTTP/HTTPS access to router admin interface from untrusted networks
Implement network monitoring for unusual HTTP requests to /goform/SetPptpServerCfg

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface; if version is 15.03.06.47 or earlier, device is vulnerable.

Check Version:

Log into router web interface and check System Status or Firmware Upgrade section

Verify Fix Applied:

After updating, verify firmware version is higher than 15.03.06.47 in admin interface.

📡 Detection & Monitoring

Log Indicators:

Unusual HTTP POST requests to /goform/SetPptpServerCfg
Multiple failed buffer overflow attempts in system logs

Network Indicators:

HTTP traffic to router IP on port 80/443 containing startIp/endIp parameters with long strings

SIEM Query:

source="router_logs" AND (url="/goform/SetPptpServerCfg" OR message="buffer overflow")

📊 Metadata

CVE ID: CVE-2025-5629

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-119

EPSS Score: 0.3% exploit probability (52.9th percentile)

Published: June 5, 2025

Last Updated: June 6, 2025

🔗 References

https://github.com/pfwqdxwdd/cve/blob/main/4.md Broken Link
https://vuldb.com/?ctiid.311115 Permissions Required
https://vuldb.com/?id.311115 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.589424 Third Party Advisory,VDB Entry
https://www.tenda.com.cn/ Product
https://github.com/pfwqdxwdd/cve/blob/main/4.md Broken Link

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-5629, you might also want to check these: