CVE-2025-67074

6.5 MEDIUM

📋 TL;DR

A buffer overflow vulnerability in Tenda AC10V4.0 routers allows remote attackers to cause denial of service or potentially execute arbitrary code by sending a specially crafted POST request to the /goform/AdvSetMacMtuWan endpoint. This affects users of Tenda AC10V4.0 routers running firmware version V16.03.10.20.

💻 Affected Systems

Products:
  • Tenda AC10V4.0
Versions: V16.03.10.20
Operating Systems: Embedded Linux (router firmware)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the httpd binary in the router firmware. Default configuration exposes the vulnerable endpoint.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete device compromise, persistent backdoor installation, and lateral movement to internal networks.

🟠 Likely Case

Denial of service causing router crashes and network disruption, requiring physical reset.

🟢 If Mitigated

Limited impact if network segmentation isolates the router and external access is restricted.

🌐 Internet-Facing: HIGH - The vulnerable HTTP service is typically exposed to WAN interfaces on consumer routers.
🏢 Internal Only: MEDIUM - Attackers could exploit from compromised internal hosts if router management interface is accessible.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit requires sending a crafted POST request to a specific endpoint. Public GitHub repository contains proof-of-concept.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: Yes

Instructions:

1. Check Tenda website for firmware updates.
2. Download latest firmware for AC10V4.0.
3. Access router admin interface.
4. Navigate to firmware upgrade section.
5. Upload and apply new firmware.
6. Wait for router to reboot.

🔧 Temporary Workarounds

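Disable Remote Management (all platforms)

Prevent external access to the router management interface:

Access router admin panel -> System Tools -> Remote Management -> Disable

Block Vulnerable Endpoint (Linux)

Use firewall rules to block access to /goform/AdvSetMacMtuWan:

iptables -A INPUT -p tcp --dport 80 -m string --string "/goform/AdvSetMacMtuWan" --algo bm -j DROP

The INPUT chain only matches traffic addressed to the host running the rule, and the string match only sees unencrypted HTTP on port 80, so treat this rule as a stopgap rather than a fix.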

🧯 If You Can't Patch

  • Segment router on isolated network VLAN
  • Implement strict firewall rules blocking all WAN-to-router management traffic

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin interface under System Status or System Tools

Check Version:

curl -s http://router-ip/goform/getStatus | grep version

Verify Fix Applied:

Verify firmware version is newer than V16.03.10.20 after update

📡 Detection & Monitoring

Log Indicators:

  • HTTP POST requests to /goform/AdvSetMacMtuWan with long serverName parameter
  • Router crash/reboot logs

Network Indicators:

  • Unusual POST requests to router management interface from external IPs
  • Traffic patterns suggesting buffer overflow attempts

SIEM Query:

source="router_logs" AND uri="/goform/AdvSetMacMtuWan" AND method="POST" AND content_length>100
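
The log indicators and SIEM query above, as an added example (not part of the original page or any vendor tooling): a Python scan over JSON-lines HTTP request records from a proxy or sensor in front of the router. The record field names, the 64-character serverName cut-off, the case-insensitive path comparison and the sample lines are assumptions constructed for illustration; the content_length threshold of 100 comes from the SIEM query.

```python
import json
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/goform/advsetmacmtuwan"  # endpoint from the advisory, lower-cased
MAX_CONTENT_LENGTH = 100              # threshold used by the page's SIEM query
MAX_SERVERNAME_LEN = 64               # assumed cut-off for a "long" serverName


def _rec(src, method, uri, body=""):  # builds one constructed JSON log line
    return json.dumps(dict(src=src, method=method, uri=uri, body=body, content_length=len(body)))


# Constructed sample log (documentation IP ranges), not captured traffic.
SAMPLE_LOG = [
    _rec("192.0.2.10", "POST", "/goform/AdvSetMacMtuWan", "wanMTU=1500&serverName=isp"),
    _rec("203.0.113.7", "POST", "/goform/AdvSetMacMtuWan", "serverName=" + "A" * 300),
    _rec("192.0.2.11", "GET", "/goform/AdvSetMacMtuWan"),
    _rec("198.51.100.5", "POST", "/goform/%41dvSetMacMtuWan?x=1", "serverName=" + "B" * 80),
    _rec("192.0.2.12", "POST", "/goform/SetOther", "data=" + "C" * 400),
    "not-json garbage line",
]


def scan(lines):
    """Return (src, reasons) for each POST to the endpoint that looks oversized."""
    hits = []
    for line in lines:
        try:
            rec = json.loads(line)
            # Normalise the path: drop the query, percent-decode, ignore case.
            path = unquote(urlsplit(rec["uri"]).path).lower()
            method = rec["method"].upper()
            clen = int(rec.get("content_length", 0))
        except (ValueError, KeyError, AttributeError, TypeError):
            continue  # skip malformed records instead of aborting the scan
        if method != "POST" or path.rstrip("/") != ENDPOINT:
            continue
        reasons = []
        if clen > MAX_CONTENT_LENGTH:
            reasons.append("content_length")
        names = parse_qs(rec.get("body") or "", keep_blank_values=True).get("serverName", [])
        if any(len(v) > MAX_SERVERNAME_LEN for v in names):
            reasons.append("serverName")
        if reasons:
            hits.append((rec["src"], reasons))
    return hits


if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

Checking the serverName length separately catches a request whose total body stays under the content_length threshold, which the SIEM query alone would miss.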
