CVE-2025-57060 is a high-severity vulnerability identified in the Tenda G3 router firmware version 3.0br_V15.11.0.17. The flaw is a stack-based buffer overflow located in the dns_forward_rule_store function, specifically triggered by the rules parameter. This vulnerability arises when the input to the rules parameter is not properly validated or bounds-checked, allowing an attacker to overwrite the stack memory. Exploiting this flaw requires sending a specially crafted request to the affected device, which does not require any authentication or user interaction, making it remotely exploitable over the network. The primary impact of this vulnerability is a Denial of Service (DoS), where the router may crash or reboot, disrupting network connectivity. The CVSS v3.1 base score is 7.5, reflecting a high severity due to the network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), no confidentiality or integrity impact (C:N, I:N), but a high impact on availability (A:H). The vulnerability is classified under CWE-121, indicating a classic stack-based buffer overflow issue. No known exploits are currently reported in the wild, and no patches have been linked yet. The affected version is specifically the Tenda G3 firmware 3.0br_V15.11.0.17, but the exact range of affected versions is not detailed. This vulnerability could be leveraged by attackers to disrupt network services, potentially impacting home users and small to medium enterprises relying on this router model for internet connectivity.

For European organizations, the impact of CVE-2025-57060 could be significant, especially for small and medium-sized enterprises (SMEs) and home office setups that utilize Tenda G3 routers. A successful exploitation results in a denial of service, causing network outages and loss of internet connectivity. This disruption can affect business operations, remote work capabilities, and access to cloud services. Although the vulnerability does not allow data theft or code execution, the loss of availability can lead to operational downtime, reduced productivity, and potential financial losses. Critical infrastructure or organizations with remote sites using these routers may experience cascading effects if network segmentation relies on these devices. Additionally, the lack of authentication requirement means attackers can exploit the vulnerability from anywhere on the internet, increasing the risk profile. The absence of known exploits in the wild currently reduces immediate risk but does not eliminate the threat, especially as proof-of-concept code could emerge. European organizations should be aware of this vulnerability to avoid unexpected network outages and maintain service continuity.

1. Immediate mitigation involves isolating affected Tenda G3 routers from untrusted networks until a firmware update is available. 2. Monitor network traffic for unusual or malformed DNS forwarding requests that could indicate exploitation attempts targeting the dns_forward_rule_store function. 3. Implement network-level protections such as firewall rules to restrict access to router management interfaces and DNS forwarding services from untrusted sources. 4. Regularly check for firmware updates from Tenda and apply patches promptly once released. 5. Where possible, replace vulnerable devices with alternative routers from vendors with strong security track records and timely patching policies. 6. Employ network segmentation to limit the impact of a compromised or unavailable router on critical business systems. 7. Conduct internal vulnerability assessments to identify all instances of the affected firmware version within the organization. 8. Educate IT staff about this specific vulnerability to ensure rapid response and incident handling if exploitation is suspected.