CVE-2025-70753 is a stack overflow vulnerability identified in the Tenda AX-1806 router firmware version 1.0.0.1. The flaw exists in the processing of the security_5g parameter within the sub_4CA50 function, where improper handling of input data leads to a stack overflow condition. This vulnerability can be triggered by sending a specially crafted request to the device, causing it to crash or reboot, resulting in a Denial of Service (DoS). The vulnerability does not require authentication, meaning an attacker with network access to the router’s management interface or exposed services can exploit it. No known exploits have been reported in the wild, and no patches or firmware updates have been released at the time of this report. The lack of a CVSS score indicates that the vulnerability is newly disclosed and not yet fully assessed. The stack overflow nature of the vulnerability suggests that it could potentially be leveraged for more severe attacks, such as remote code execution, but currently, only DoS is confirmed. The affected device, Tenda AX-1806, is a consumer-grade Wi-Fi 6 router commonly used in small office and home environments. The vulnerability’s exploitation could disrupt network connectivity, impacting business operations and user productivity.

For European organizations, exploitation of this vulnerability could lead to temporary loss of network connectivity due to router crashes or reboots, resulting in Denial of Service. This can disrupt critical business operations, especially for small and medium enterprises relying on Tenda AX-1806 routers for internet access and internal networking. The impact on confidentiality and integrity is currently unknown, as no remote code execution or data breach has been reported. However, the availability impact alone can cause significant operational downtime, affecting communication, cloud access, and other network-dependent services. Organizations in sectors with high reliance on continuous connectivity, such as finance, healthcare, and manufacturing, may experience operational delays and potential financial loss. Additionally, the lack of authentication requirement lowers the barrier for attackers, increasing the risk of exploitation in environments where routers are exposed to untrusted networks or the internet. The absence of patches means organizations must rely on network-level mitigations until vendor updates are available.

1. Immediately restrict access to the router’s management interfaces by limiting them to trusted internal networks and disabling remote management features if not required. 2. Implement network segmentation to isolate vulnerable devices from critical infrastructure and sensitive data. 3. Monitor network traffic for unusual or malformed requests targeting the security_5g parameter or the router’s management interface. 4. Employ intrusion detection/prevention systems (IDS/IPS) with custom signatures to detect exploitation attempts once signatures become available. 5. Regularly check for firmware updates from Tenda and apply patches promptly when released. 6. Consider replacing vulnerable Tenda AX-1806 routers with alternative devices from vendors with stronger security track records if immediate patching is not feasible. 7. Educate IT staff about this vulnerability and encourage proactive network hygiene and device hardening practices. 8. Maintain backups of router configurations to facilitate rapid recovery after a DoS event.