CVE-2024-25373 is a stack overflow vulnerability identified in the Tenda AC10 V4.0 router firmware version 16.03.10.20. The vulnerability arises from improper handling of the 'page' parameter within the sub_49B384 function, which leads to a stack-based buffer overflow (CWE-120). This flaw can be exploited by an attacker with adjacent network access and low privileges (PR:L) without requiring user interaction (UI:N). The attack vector is adjacent network (AV:A), meaning the attacker must be on the same or a logically adjacent network segment to the vulnerable device. The vulnerability impacts confidentiality and integrity (C:L/I:L) but does not affect availability (A:N). The CVSS v3.1 base score is 4.6, reflecting medium severity due to limited impact scope and exploitation complexity. No known public exploits or patches are available at this time. The vulnerability could allow an attacker to execute arbitrary code or manipulate sensitive information on the device, potentially leading to further network compromise. The lack of user interaction and low attack complexity increase the risk in environments where network segmentation is weak or where the device management interface is exposed. The affected product, Tenda AC10, is a widely used consumer and small office/home office (SOHO) router, making this vulnerability relevant for many organizations and individuals relying on this hardware for network connectivity.

The primary impact of CVE-2024-25373 is on the confidentiality and integrity of the affected Tenda AC10 routers. Exploitation could allow attackers to execute arbitrary code or manipulate router settings, potentially leading to unauthorized access to network traffic, interception of sensitive data, or further lateral movement within the network. Although availability is not directly affected, compromised routers could be leveraged as footholds for broader attacks, including man-in-the-middle attacks or persistent network surveillance. Organizations relying on these routers, especially in small office or home office environments, may face increased risk of data breaches or network compromise. The requirement for adjacent network access limits remote exploitation but does not eliminate risk in poorly segmented or unsecured networks. The absence of known exploits in the wild reduces immediate threat but does not preclude future exploitation once proof-of-concept code or exploit tools become available. The medium severity rating indicates that while the vulnerability is not critical, it still poses a meaningful risk that should be addressed promptly to maintain network security posture.

1. Immediately restrict access to the router's management interface by limiting it to trusted network segments and disabling remote management features if enabled. 2. Implement strong network segmentation to prevent untrusted devices from accessing the router's administrative interfaces. 3. Monitor network traffic for unusual activity or signs of exploitation attempts targeting the 'page' parameter or related functions. 4. Regularly audit and update router firmware; although no patch is currently available, stay informed from Tenda's official channels for security updates addressing this vulnerability. 5. Consider replacing vulnerable devices with models that have received security updates or have a stronger security track record if patching is delayed. 6. Employ network intrusion detection/prevention systems (IDS/IPS) capable of detecting anomalous traffic patterns associated with buffer overflow attempts. 7. Educate users and administrators about the risks of exposing router management interfaces and the importance of secure configuration practices. These steps go beyond generic advice by focusing on network-level controls, proactive monitoring, and device lifecycle management specific to this vulnerability's characteristics.