Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-71023

CVE-2025-71023: Tenda AX-3 Stack Overflow DoS Vulnerability

CVE-2025-71023 is a stack overflow vulnerability in Tenda AX-3 router that enables attackers to cause denial of service through the mac2 parameter. This article covers technical details, affected versions, impact, and mitigation.

Updated:

CVE-2025-71023 Overview

A stack overflow vulnerability has been identified in the Tenda AX-3 wireless router running firmware version v16.03.12.10_CN. The vulnerability exists in the mac2 parameter of the fromAdvSetMacMtuWan function, which fails to properly validate input boundaries. This flaw allows remote attackers to cause a Denial of Service (DoS) condition by sending specially crafted HTTP requests to the affected device.

Critical Impact

Remote attackers can crash vulnerable Tenda AX-3 routers without authentication, potentially disrupting network connectivity for all connected devices.

Affected Products

  • Tenda AX-3 Router
  • Firmware Version v16.03.12.10_CN
  • fromAdvSetMacMtuWan function component

Discovery Timeline

  • 2026-01-13 - CVE-2025-71023 published to NVD
  • 2026-01-13 - Last updated in NVD database

Technical Details for CVE-2025-71023

Vulnerability Analysis

This vulnerability is classified as CWE-121 (Stack-based Buffer Overflow), a memory corruption flaw that occurs when data is written beyond the allocated buffer on the stack. The fromAdvSetMacMtuWan function in the Tenda AX-3 router firmware processes the mac2 parameter without adequate bounds checking. When an attacker supplies an oversized value for this parameter, it overwrites adjacent memory on the stack, leading to corruption of control flow data and ultimately causing the device to crash.

The network-accessible nature of this vulnerability means that any attacker with network access to the router's management interface can trigger the condition. No authentication is required to exploit this flaw, and user interaction is not necessary. While the vulnerability does not allow for data exfiltration or unauthorized modification, the availability impact is significant as it can completely disable the router.

Root Cause

The root cause is improper input validation within the fromAdvSetMacMtuWan function when processing the mac2 parameter. The function copies user-supplied data into a fixed-size stack buffer without verifying that the input length does not exceed the buffer's capacity. This classic stack overflow pattern allows attackers to overflow the buffer with excessive data, corrupting stack memory and causing the application or device to crash.

Attack Vector

The attack is executed remotely over the network by sending a malicious HTTP request to the router's web management interface. The attacker crafts a request containing an abnormally long value for the mac2 parameter, targeting the fromAdvSetMacMtuWan endpoint. Since the vulnerability can be triggered without authentication, any attacker with network visibility to the router can launch the attack.

The exploitation mechanism involves:

  1. Identifying a vulnerable Tenda AX-3 router on the network
  2. Crafting an HTTP request with an oversized mac2 parameter value
  3. Sending the request to the fromAdvSetMacMtuWan function endpoint
  4. The router processes the request, triggering the stack overflow and causing a crash

For detailed technical analysis of this vulnerability, refer to the GitHub Vulnerability Report.

Detection Methods for CVE-2025-71023

Indicators of Compromise

  • Unexpected router reboots or crashes without administrative action
  • Network connectivity interruptions affecting all connected clients
  • Abnormal HTTP requests to the router management interface with oversized parameters
  • Log entries showing requests to fromAdvSetMacMtuWan with unusual mac2 parameter values

Detection Strategies

  • Monitor network traffic for HTTP requests to Tenda router management interfaces containing abnormally long parameter values
  • Implement network intrusion detection rules to flag requests with oversized mac2 parameters
  • Deploy anomaly detection for router stability, alerting on repeated crashes or restarts
  • Audit router access logs for suspicious request patterns targeting vulnerable endpoints

Monitoring Recommendations

  • Enable logging on the Tenda AX-3 router if supported by firmware
  • Deploy network monitoring solutions to capture traffic destined for router management ports
  • Establish baseline metrics for router uptime and alert on deviations
  • Consider placing router management interfaces behind additional access controls or isolated network segments

How to Mitigate CVE-2025-71023

Immediate Actions Required

  • Restrict access to the router's web management interface to trusted IP addresses only
  • Disable remote management features if not required
  • Implement firewall rules to limit access to router administration ports
  • Monitor for firmware updates from Tenda that address this vulnerability

Patch Information

No vendor patch information is currently available for this vulnerability. Organizations should monitor Tenda's official support channels for firmware updates addressing CVE-2025-71023. Until a patch is released, implementing network-level access controls is the primary mitigation strategy.

For additional technical details, see the GitHub Vulnerability Report.

Workarounds

  • Restrict management interface access to specific trusted IP addresses using firewall rules
  • Place the router management interface on an isolated VLAN accessible only to administrators
  • Disable the web-based management interface and use alternative configuration methods if available
  • Implement a Web Application Firewall (WAF) or reverse proxy to filter oversized parameters
bash
# Example firewall rule to restrict router management access (iptables)
# Replace 192.168.1.1 with your router IP and 192.168.1.100 with trusted admin IP
iptables -A INPUT -d 192.168.1.1 -p tcp --dport 80 -s 192.168.1.100 -j ACCEPT
iptables -A INPUT -d 192.168.1.1 -p tcp --dport 80 -j DROP

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.