Published: 14/03/2025 Updated: 19/03/2025

Tenda AC9 v1.0 Stack Overflow in WAN MTU Parameter Enables Remote Code Execution

Tenda AC9 v1.0 V15.03.05.14_multi router firmware contains a stack overflow vulnerability in the wanMTU parameter of the /goform/AdvSetMacMtuWan endpoint. This vulnerability can potentially allow an attacker to execute remote arbitrary code by exploiting the stack overflow issue in the web interface configuration setting.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tenda ac9 firmware 15.03.05.14

CVE-2025-29384 Proof-of-Concept Exploit Overview This repository contains an advanced proof-of-concept (PoC) exploit for CVE-2025-29384, a critical stack-based buffer overflow vulnerability discovered in the Tenda AC9 router running firmware version V15030514_multi This vulnerability allows unauthenticated remote attackers to crash the router’s web server (Denial-of-S

CWE-787 CWE-787 https://nvd.nist.gov https://github.com/Otsmane-Ahmed/cve-2025-29384-poc https://www.first.org/epss https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/AdvSetMacMtuWan1.md

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2025-29384

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect