{"id":51889,"date":"2025-06-14T11:55:35","date_gmt":"2025-06-14T11:55:35","guid":{"rendered":""},"modified":"2025-09-07T11:38:28","modified_gmt":"2025-09-07T17:38:28","slug":"cve-2025-5847-critical-buffer-overflow-vulnerability-in-tenda-ac9-router","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-5847-critical-buffer-overflow-vulnerability-in-tenda-ac9-router\/","title":{"rendered":"CVE-2025-5847: Critical Buffer Overflow Vulnerability in Tenda AC9 Router<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

A serious vulnerability has been discovered in the Tenda AC9 router (version 15.03.02.13), which, if exploited, could lead to a system compromise or data leakage. This vulnerability was found in the HTTP POST Request Handler component, specifically in the formSetSafeWanWebMan function of the \/goform\/SetRemoteWebCfg file. The vulnerability is particularly concerning because it can be exploited remotely<\/a>, meaning that attackers do not have to be physically present or connected to the same network as the router. Therefore, it is of paramount importance for users of the Tenda AC9 router to understand the implications of this vulnerability<\/a> and take immediate steps to mitigate the risk.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-5847
\nSeverity: Critical (8.8 CVSS score)
\nAttack Vector: Remote
\nPrivileges Required: None
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n