CVE-2025-68706 — CRITICAL (9.8)

Vulnerability Description

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf() to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attacker to corrupt adjacent stack memory, crash the web server, and (under certain conditions) may enable arbitrary code execution.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Kuwfi	Ac900 Firmware	1.0.13
Kuwfi	Ac900	-

Related Weaknesses (CWE)

CWE-121

References

https://drive.proton.me/urls/HJCJYAC7JM#XtHcm3P7QaYkBroken Link
https://github.com/actuator/cve/blob/main/Kuwfi/CVE-2025-68706.txtThird Party Advisory
https://github.com/actuator/cve/tree/main/KuwfiThird Party Advisory
https://kuwfi.com/products/kuwfi-gigabit-wireless-router-4g-lte-wifi-router-dualProduct

FAQ

What is CVE-2025-68706?

CVE-2025-68706 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf() to copy the user-supplie...

How severe is CVE-2025-68706?

CVE-2025-68706 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-68706?

Check the references section above for vendor advisories and patch information. Affected products include: Kuwfi Ac900 Firmware, Kuwfi Ac900.