CVE-2025-6110

| EUVD-2025-18367 HIGH
2025-06-16 [email protected]
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 14, 2026 - 21:59 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 21:59 euvd
EUVD-2025-18367
PoC Detected
Jun 17, 2025 - 19:38 vuln.today
Public exploit code
CVE Published
Jun 16, 2025 - 07:15 nvd
HIGH 8.8

Tags

Buffer Overflow Fh1201 Firmware Tenda

Description

A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14(408). This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

Critical stack-based buffer overflow vulnerability in Tenda FH1201 firmware version 1.2.0.14(408) affecting the /goform/SafeMacFilter endpoint. An authenticated remote attacker can exploit the 'page' parameter to achieve remote code execution with high confidentiality, integrity, and availability impact. Public exploit code exists and the vulnerability is actively exploitable.

Technical Context

The vulnerability exists in the SafeMacFilter form handler within Tenda's proprietary firmware, likely implemented in C/C++ without proper input validation. The stack-based buffer overflow (CWE-119) occurs when the 'page' parameter is passed without bounds checking to a fixed-size stack buffer, allowing attackers to overwrite the stack frame and potentially execute arbitrary code. Tenda FH1201 is a wireless router/access point that uses embedded Linux with custom web interface handlers. The /goform endpoint is a CGI application handler typical in consumer networking equipment that processes form submissions. CPE identifier: cpe:2.3:o:tenda:fh1201_firmware:1.2.0.14\(408\):*:*:*:*:*:*:*

Affected Products

Tenda FH1201 firmware version 1.2.0.14(408) and likely earlier versions. CPE: cpe:2.3:o:tenda:fh1201_firmware:1.2.0.14\(408\):*:*:*:*:*:*:*. Potentially affected: other Tenda router models using similar SafeMacFilter implementation in affected firmware branches. Tenda has not issued public advisories in major CVE databases; firmware updates may be available directly from Tenda support or device management interfaces.

Remediation

Immediate actions: (1) Update FH1201 firmware to version newer than 1.2.0.14(408) if available from Tenda's support portal or device web interface (Administration > Firmware Upgrade). (2) Disable remote management/WAN access to the router's web interface if not required (Administration > Remote Management—disable). (3) Change default administrative credentials (typically admin/admin on Tenda devices). (4) Restrict access to /goform endpoints via firewall rules at network perimeter. (5) Monitor for suspicious POST requests to /goform/SafeMacFilter in device logs. Contact Tenda support (support.tenda.com.cn or regional support) for patched firmware availability and timeline. Workaround: isolate affected device to trusted LAN only until patch is deployed.

Priority Score

64
Low Medium High Critical
KEV: 0
EPSS: +0.3
CVSS: +44
POC: +20

Share

CVE-2025-6110 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy