EUVD-2025-18366CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4Description
A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Analysis
Critical stack-based buffer overflow vulnerability in Tenda FH1205 firmware version 2.0.0.7(775) affecting the /goform/VirtualSer endpoint's 'page' parameter. An authenticated remote attacker can exploit this to achieve complete system compromise including arbitrary code execution, data exfiltration, and service disruption. The vulnerability has public exploit disclosure and demonstrated proof-of-concept availability, elevating immediate risk despite requiring valid credentials.
Technical Context
The vulnerability exists in the fromVirtualSer function of the Tenda FH1205 router's web management interface (CPE: cpe:2.3:o:tendacn:fh1205_firmware:2.0.0.7\(775\)). The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), specifically a stack-based buffer overflow where the 'page' parameter is insufficiently validated before being written to a fixed-size stack buffer. This is a classic memory corruption vulnerability in embedded device firmware, where unsafe C string operations (likely strcpy or similar) copy user-controlled input without bounds checking. The /goform/ endpoint pattern indicates a legacy CGI-based web interface common in consumer router firmware. Stack-based buffer overflows in router firmware are particularly severe as they typically execute with high privilege levels (root/admin) and can directly compromise device hardware and connected networks.
Affected Products
FH1205 (['2.0.0.7(775)'])
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today