CVE-2025-70753 identifies a stack overflow vulnerability in the Tenda AX-1806 router firmware version 1.0.0.1, specifically within the sub_4CA50 function that processes the security_5g parameter. A stack overflow occurs when more data is written to a buffer than it can hold, overwriting adjacent memory and causing unpredictable behavior. In this case, an attacker can craft a malicious request targeting the security_5g parameter to overflow the stack, leading to a denial of service by crashing or rebooting the device. The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The CVSS v3.1 base score is 7.5 (high), reflecting the network attack vector, low attack complexity, no privileges required, no user interaction, and impact limited to availability (no confidentiality or integrity impact). The vulnerability is classified under CWE-121 (Stack-based Buffer Overflow). No patches or vendor advisories have been published yet, and no exploits are known in the wild. The lack of authentication and ease of exploitation make this a critical concern for environments relying on this router model for network connectivity. Attackers could disrupt network availability, impacting business operations and service continuity.

For European organizations, exploitation of this vulnerability could result in denial of service of critical network infrastructure, causing outages and loss of connectivity. This could affect enterprises, ISPs, and residential users relying on Tenda AX-1806 routers, leading to operational disruptions, degraded productivity, and potential financial losses. In sectors such as finance, healthcare, and critical infrastructure, network downtime can have severe consequences including regulatory non-compliance and reputational damage. The vulnerability does not expose data confidentiality or integrity but compromises availability, which is crucial for business continuity. Given the remote, unauthenticated exploit vector, attackers could launch widespread DoS attacks, potentially as part of larger campaigns or to facilitate secondary attacks by disrupting network defenses. The absence of patches increases the window of exposure, emphasizing the need for proactive mitigation. Organizations with remote or unmanaged deployments are particularly at risk.

1. Immediately restrict remote access to the router’s management interfaces, especially from untrusted networks, using firewall rules or VPNs. 2. Segment networks to isolate vulnerable routers from critical systems and sensitive data. 3. Monitor network traffic for unusual or malformed requests targeting 5G configuration parameters or the router’s web interface. 4. Disable or limit 5G wireless functionality if not required to reduce the attack surface. 5. Regularly audit and inventory network devices to identify Tenda AX-1806 routers and prioritize their protection. 6. Engage with the vendor for firmware updates or patches and apply them promptly once available. 7. Consider replacing vulnerable devices with models from vendors with stronger security track records if patching is delayed. 8. Implement network-level DoS protection mechanisms to detect and mitigate attack traffic. 9. Educate network administrators about this vulnerability and ensure incident response plans include steps for router-related DoS events.