CVE-2025-67073CRITICAL 9.8EPSS p43.7%

CVE-2025-67073CVE-2025-67073

Description

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload (field `serviceName`) to /goform/AdvSetMacMtuWan.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.60% probability of exploitation · percentile 43.7% · 2026-06-21T12:00:28Z
Published2025-12-17
Last modified2026-01-02

Underlying weaknesses· 1

CWE-120

References

  1. https://github.com/johnathanhuutri/CVEReport/tree/master/CVE-2025-67073

1

TypeTargetConfidenceTier
WeaknessBuffer Copy without Checking Size of Input ('Classic Buffer Overflow')cwe-1200%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-9791
CVE
CVE-2025-10432
CVE
CVE-2025-8060
CVE
CVE-2025-8017
CVE
CVE-2025-4368
CVE
CVE-2026-1637
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.