CVE-2025-50402: Critical Buffer Overflow Discovered in FAST FAC1200R Routers

Overview

A significant security vulnerability, identified as CVE-2025-50402, has been discovered in FAST FAC1200R F400_FAC1200R_Q routers. This vulnerability is a buffer overflow located within the sub_80435780 function and is triggered via the fac_password parameter. This flaw could potentially allow attackers to execute arbitrary code on affected devices, leading to serious security breaches.

Technical Details

The root cause of CVE-2025-50402 is a buffer overflow in the sub_80435780 function of the FAST FAC1200R router’s firmware. When the fac_password parameter is supplied with a string longer than the buffer’s capacity, the excess bytes overwrite adjacent memory regions. This can lead to code execution if the overwritten memory holds critical program data or pointers to executable code.

The vulnerability can be triggered by sending a specially crafted request whose fac_password parameter contains an overly long string, which the affected function then processes. This typically occurs through a web interface or potentially via other network services exposed by the router.
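
The missing control in this class of bug is a length check before the copy. The following is an added illustration, not the router's firmware code or the vendor's fix: the names read_fac_password and find_param, the 64-byte PASSWORD_MAX and the form-encoded request body are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PASSWORD_MAX 64 /* assumed capacity; the real buffer size is not published */
enum { PW_OK = 0, PW_MISSING = -1, PW_TOO_LONG = -2 };

/* Unsafe pattern, shown for contrast only and never compiled here:
 *     char buf[PASSWORD_MAX]; strcpy(buf, value);   // no bound on value
 */

/* Find key in an application/x-www-form-urlencoded body (assumed format).
 * Returns the start of its value and stores the raw length, or NULL. */
static const char *find_param(const char *body, const char *key, size_t *len)
{
    size_t klen = strlen(key);
    for (const char *p = body; p != NULL && *p != '\0'; ) {
        const char *amp = strchr(p, '&');
        size_t seg = amp ? (size_t)(amp - p) : strlen(p);
        if (seg > klen && strncmp(p, key, klen) == 0 && p[klen] == '=') {
            *len = seg - klen - 1;
            return p + klen + 1;
        }
        p = amp ? amp + 1 : NULL;
    }
    return NULL;
}

/* Copy fac_password into dst only if value plus NUL fits; reject, never truncate.
 * Percent-decoding can only shrink the value, so the raw length is a safe bound. */
int read_fac_password(const char *body, char *dst, size_t dst_size)
{
    size_t len = 0;
    const char *val = find_param(body, "fac_password", &len);
    if (val == NULL)
        return PW_MISSING;
    if (dst_size == 0 || len >= dst_size)
        return PW_TOO_LONG;
    memcpy(dst, val, len);
    dst[len] = '\0';
    return PW_OK;
}

int main(void)
{
    char buf[PASSWORD_MAX], body[256] = "user=admin&fac_password="; /* constructed input */
    memset(body + strlen(body), 'A', 200); /* 200-byte value, far over the limit */
    printf("oversized: %d\n", read_fac_password(body, buf, sizeof buf));
    printf("normal:    %d\n", read_fac_password("fac_password=hunter2", buf, sizeof buf));
    return 0;
}
```

Rejecting an oversized value outright, rather than truncating it, also gives the device a clear event to log when such a request arrives.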

CVSS Analysis

Currently, the Common Vulnerability Scoring System (CVSS) score for CVE-2025-50402 is listed as N/A. However, due to the nature of buffer overflow vulnerabilities and the potential for remote code execution, it is highly recommended to treat this vulnerability as high severity until a formal CVSS score is assigned. A successful exploit could grant an attacker complete control over the device.

Possible Impact

Successful exploitation of CVE-2025-50402 could have severe consequences:

  • Remote Code Execution: Attackers could execute arbitrary code on the router, allowing them to install malware, create backdoors, or control the device completely.
  • Data Theft: Compromised routers could be used to intercept and steal sensitive data transmitted through the network.
  • Denial of Service: Attackers could crash the router, causing a denial of service for all connected devices.
  • Botnet Recruitment: Compromised routers could be recruited into botnets for launching distributed attacks.

Mitigation or Patch Steps

To mitigate the risk posed by CVE-2025-50402, the following steps are recommended:

  • Firmware Update: Check the manufacturer’s website (FAST) for a firmware update addressing this vulnerability. Apply the update as soon as it becomes available. This is the primary method of remediation.
  • Disable Remote Management: If possible, disable remote management access to the router from the internet. This reduces the attack surface.
  • Strong Passwords: Ensure that all administrative accounts on the router are protected with strong, unique passwords.
  • Network Segmentation: Segment your network to limit the potential impact of a compromised router.

References

GitHub: Proof of Concept – FAST FAC1200R Buffer Overflow

Note: This information is based on publicly available data and is subject to change. Please refer to the official security advisories from FAST for the most accurate and up-to-date information.

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.
