CVE-2025-63454 identifies a stack overflow vulnerability in the Tenda AX-3 router firmware version 16.03.12.10_CN. The vulnerability is triggered via the deviceId parameter in the get_parentControl_list_Info function, which fails to properly validate input length or content, leading to a stack-based buffer overflow. This flaw can be exploited remotely over the network without requiring authentication or user interaction, making it accessible to unauthenticated attackers. The primary impact of this vulnerability is a Denial of Service (DoS), where crafted requests cause the router to crash or become unresponsive, disrupting network connectivity. The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow), a common and critical software weakness that can lead to crashes or potential code execution, though in this case, only DoS is reported. The CVSS v3.1 base score is 7.5, reflecting high severity due to network attack vector, low attack complexity, no privileges or user interaction needed, and a significant impact on availability. No patches or known exploits have been reported yet, indicating the vulnerability is newly disclosed. The affected device, Tenda AX-3, is a consumer-grade Wi-Fi 6 router widely used in home and small office environments, which may also be deployed in some enterprise edge scenarios. The lack of authentication requirement and ease of exploitation increase the risk of widespread disruption if exploited in the wild.

For European organizations, the primary impact of CVE-2025-63454 is the potential for network outages caused by Denial of Service attacks against Tenda AX-3 routers. This can disrupt internet access, internal communications, and connected services, leading to operational downtime and productivity losses. Small businesses and home office users relying on these routers may experience connectivity interruptions, affecting remote work and business continuity. Critical infrastructure or service providers using these devices at network edges could face service degradation or outages, impacting customers and stakeholders. Although no data confidentiality or integrity compromise is reported, availability loss can have cascading effects on dependent systems and services. The absence of authentication and user interaction requirements means attackers can launch attacks remotely and at scale, increasing the threat surface. European organizations with limited network segmentation or monitoring may be more vulnerable to exploitation. The lack of an official patch at the time of disclosure necessitates interim protective measures to mitigate risk.

1. Immediately identify and inventory all Tenda AX-3 routers within the network environment to assess exposure. 2. Implement network segmentation to isolate vulnerable routers from critical infrastructure and sensitive systems, limiting attack propagation. 3. Deploy intrusion detection/prevention systems (IDS/IPS) with custom signatures to detect and block anomalous requests targeting the get_parentControl_list_Info function or suspicious deviceId parameter patterns. 4. Restrict remote management interfaces and disable unnecessary services on affected routers to reduce attack vectors. 5. Monitor network traffic for unusual spikes or repeated malformed requests indicative of exploitation attempts. 6. Engage with Tenda support channels to obtain firmware updates or patches as soon as they become available and plan prompt deployment. 7. Consider temporary replacement or upgrade of vulnerable devices with models confirmed to be secure. 8. Educate IT staff and users about the vulnerability and encourage vigilance for network disruptions that may signal exploitation. 9. Maintain up-to-date backups and incident response plans to quickly recover from potential DoS incidents. 10. Coordinate with cybersecurity information sharing organizations to stay informed on emerging exploit developments.