Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Tenda AC23 Stack-Based Buffer Overflow Vulnerability in SetIpMacBind Function

Vulnerability

Exploited

A stack-based buffer overflow vulnerability has been identified in the Tenda AC23 router, specifically in version 16.03.07.52. The issue arises in the 'fromSetIpMacBind' function within the '/goform/SetIpMacBind' file. This vulnerability can be exploited remotely by manipulating the 'bindnum' argument. The exploitation of this vulnerability is made easier by the availability of a public exploit.

Impact

Exploitation of this vulnerability leads to a stack-based buffer overflow, which can commonly result in arbitrary code execution or causing the device to crash.

Added: Dec 30, 2025, 3:19 AM

Updated: Dec 30, 2025, 3:19 AM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.6

remediation

0.0

relevance

1.6

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

6.6

remediation

0.0

relevance

1.6

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Tenda AC23 Stack-Based Buffer Overflow Vulnerability in SetIpMacBind Function

Vulnerability

Impact

Affected Products

Tenda AC23

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating