CVE-2025-25663

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 20, 2025

Updated: Feb 21, 2025

CWE ID 120

Summary

CVE-2025-25663 is a newly discovered vulnerability affecting the Tenda AC8V4 V16.03.34.06 firmware. This issue lies within the SUB_0046AC38 function of the WifiExtraSet file. The vulnerability is triggered through the manipulation of the wpapsk_crypto argument, resulting in a stack-based buffer overflow. Successful exploitation could potentially lead to code injection or denial of service attacks, posing a significant risk to affected devices. Users are advised to update their firmware to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3IDpfa
https://www.cve.org/CVERecord?id=CVE-2025-25663
https://nvd.nist.gov/vuln/detail/CVE-2025-25663

Back to Vulnerability Database

CVE-2025-25663

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations