The vulnerability identified as CVE-2025-63147 affects the Tenda AX3 router firmware version V16.03.12.10_CN. It is a stack-based buffer overflow located in the saveParentControlInfo function, specifically triggered by improper handling of the deviceId parameter. This flaw allows an unauthenticated remote attacker to send a specially crafted request to the device, causing a stack overflow that leads to a Denial of Service (DoS) condition by crashing or destabilizing the router. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), which typically results from insufficient bounds checking on input data. The CVSS v3.1 base score is 6.5, reflecting a medium severity with an attack vector of adjacent network (AV:A), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H) with no confidentiality or integrity impact. No patches or fixes have been released at the time of publication, and no exploits are known to be active in the wild. The vulnerability primarily threatens the availability of the device, potentially disrupting network connectivity for users relying on the affected routers. The lack of authentication and user interaction requirements increases the risk of exploitation in environments where the attacker can reach the router's management interface or network segment. This vulnerability highlights the importance of secure input validation and robust firmware development practices in consumer-grade networking equipment.

For European organizations, the primary impact of CVE-2025-63147 is the potential disruption of network availability due to router crashes caused by the stack overflow. This can lead to temporary loss of internet connectivity, affecting business operations, remote work capabilities, and access to cloud services. Small and medium-sized enterprises (SMEs) and residential users relying on Tenda AX3 routers are particularly vulnerable, as these devices are commonly used in home and small office environments. The DoS condition could be exploited by attackers to cause targeted outages or as part of a larger attack campaign to disrupt network infrastructure. Although the vulnerability does not compromise data confidentiality or integrity, the loss of availability can have cascading effects on productivity and service continuity. Additionally, the absence of patches increases the window of exposure, emphasizing the need for proactive mitigation. European critical infrastructure and organizations with remote workforce setups may face operational risks if their network edge devices are affected. The medium severity rating suggests a moderate threat level, but the ease of exploitation without authentication and user interaction elevates the urgency of addressing this vulnerability.

1. Immediately restrict remote access to the Tenda AX3 router management interfaces, especially from untrusted networks, to reduce exposure to potential attackers. 2. Implement network segmentation to isolate routers from critical internal systems and limit the attack surface. 3. Monitor network traffic for unusual or malformed requests targeting the deviceId parameter or the saveParentControlInfo function, using intrusion detection systems (IDS) or network behavior analysis tools. 4. Disable or limit parental control features if not required, as the vulnerability is linked to the saveParentControlInfo function related to parental controls. 5. Regularly check for firmware updates from Tenda and apply patches promptly once available to remediate the vulnerability. 6. Employ network-level protections such as firewalls and access control lists (ACLs) to block suspicious traffic patterns. 7. Educate users and administrators about the risks of using default or outdated firmware and encourage best practices for secure router configuration. 8. Consider replacing vulnerable devices with models from vendors with stronger security track records if timely patches are not forthcoming.