CVE-2025-57078 is a high-severity stack overflow vulnerability identified in the Tenda G3 router firmware version 3.0br_V15.11.0.17. The flaw exists in the formModifyPppAuthWhiteMac function, specifically in the handling of the pppoeServerWhiteMacIndex parameter. This parameter is vulnerable to a stack-based buffer overflow, which can be triggered by sending a specially crafted request to the affected device. Exploitation of this vulnerability does not require any authentication or user interaction, and the attacker can remotely cause a Denial of Service (DoS) condition by crashing the device or causing it to become unresponsive. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), indicating improper bounds checking on stack memory. The CVSS v3.1 base score is 7.5, reflecting a high severity due to its network attack vector, low attack complexity, no privileges required, and no user interaction needed. The impact is limited to availability, with no direct confidentiality or integrity compromise reported. No public exploits are currently known, and no patches have been linked yet, which suggests that affected organizations should prioritize monitoring and mitigation efforts. Given the nature of the vulnerability, attackers could disrupt network connectivity and services relying on the Tenda G3 router, potentially impacting business operations and causing downtime.

For European organizations, the impact of this vulnerability could be significant, especially for those relying on Tenda G3 routers in their network infrastructure. The DoS condition could disrupt internet connectivity, VPN access, or other PPPoE-based services, leading to operational interruptions. Critical sectors such as finance, healthcare, and government agencies that depend on continuous network availability could face service outages, affecting productivity and potentially causing financial losses. Additionally, organizations with remote or branch offices using these routers might experience isolated network failures, complicating incident response and recovery. Although the vulnerability does not directly expose sensitive data or allow unauthorized access, the resulting downtime could indirectly affect confidentiality and integrity by forcing fallback to less secure communication methods or delaying security updates. The lack of known exploits reduces immediate risk but does not eliminate the threat, as attackers may develop exploits once the vulnerability becomes widely known.

Organizations should immediately inventory their network devices to identify any Tenda G3 routers running the vulnerable firmware version 3.0br_V15.11.0.17. Until an official patch is released, network administrators should implement network-level protections such as firewall rules to restrict access to the router's management interfaces and PPPoE services from untrusted networks. Disabling PPPoE server functionality if not required can reduce the attack surface. Monitoring network traffic for unusual or malformed PPPoE requests can help detect attempted exploitation. Additionally, organizations should segment networks to isolate critical systems from affected devices and prepare incident response plans to quickly restore service in case of a DoS event. Regularly checking for firmware updates from Tenda and applying them promptly once available is essential. Where possible, consider replacing vulnerable devices with models that have a stronger security track record or vendor support.