CVE-2025-25523 — MEDIUM (5.9)

Vulnerability Description

Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v1(1.00.023) due to the lack of length verification, which is related to the mobile access point setup operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Trendnet	Teg-40128 Firmware	1.00.023
Trendnet	Teg-40128	-

Related Weaknesses (CWE)

CWE-120

References

https://gist.github.com/XiaoCurry/cb190038c9402c9f89681a0e116996f6Broken Link

FAQ

What is CVE-2025-25523?

CVE-2025-25523 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Buffer overflow vulnerability in Trendnet TEG-40128 Web Smart Switch v1(1.00.023) due to the lack of length verification, which is related to the mobile access point setup operation. The attacker can ...

How severe is CVE-2025-25523?

CVE-2025-25523 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-25523?

Check the references section above for vendor advisories and patch information. Affected products include: Trendnet Teg-40128 Firmware, Trendnet Teg-40128.