What is the CVSS score of CVE-2025-6112?

CVE-2025-6112 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.2%.

Which versions of Fh1205 Firmware are affected by CVE-2025-6112?

Tenda FH1205 routers (version 2.0.0.7) contain a critical remote code execution vulnerability with a public exploit available, allowing attackers to compromise network infrastructure without…

Is there a public PoC exploit available for CVE-2025-6112?

Yes, a public proof-of-concept exploit is available for CVE-2025-6112. Prioritise patching immediately. EPSS: 0.2%.

How to fix or mitigate CVE-2025-6112?

Within 24 hours: Inventory all Tenda FH1205 devices running firmware 2.0.0.7 and isolate affected units from critical network segments if possible. Within 7 days: Contact Tenda for patch availability status and timeline; implement network access controls to restrict administrative interfaces to trusted IPs only. Within 30 days: Replace affected devices with patched firmware versions once available, or deploy alternative router models if Tenda does not release a timely patch.

Fh1205 Firmware CVE-2025-6112

EUVD-2025-18368 HIGH

Buffer Overflow (CWE-119)

2025-06-16 cna@vuldb.com

Buffer Overflow Fh1205 Firmware Tenda

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 21:59 euvd

EUVD-2025-18368

Analysis Generated

Mar 14, 2026 - 21:59 vuln.today

PoC Detected

Jul 18, 2025 - 12:49 vuln.today

Public exploit code

CVE Published

Jun 16, 2025 - 08:15 nvd

HIGH 8.8

DescriptionCVE.org

A vulnerability, which was classified as critical, has been found in Tenda FH1205 2.0.0.7. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

Critical buffer overflow vulnerability in Tenda FH1205 firmware version 2.0.0.7 affecting the lanMask parameter in the /goform/AdvSetLanip endpoint. An authenticated remote attacker can exploit this to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). A public proof-of-concept exists, making this an active exploitation risk.

Technical ContextAI

The vulnerability exists in the fromadvsetlanip function within Tenda's web-based router management interface. The vulnerable parameter 'lanMask' is not properly sanitized before being used in a buffer operation, triggering a classic stack-based or heap-based buffer overflow (CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer). Tenda FH1205 is a residential WiFi router that uses embedded Linux with a web administration interface typically written in C/C++. The /goform/ endpoint pattern is common in Tenda devices for handling configuration changes. The buffer overflow allows an attacker to write beyond allocated memory boundaries, potentially overwriting function pointers, return addresses, or adjacent heap structures to gain remote code execution.

RemediationAI

Immediate actions: (1) If patch available: Upgrade to firmware version beyond 2.0.0.7 (check Tenda's official support page for FH1205). (2) If no patch: Disable remote management/WAN access to the web interface (set to LAN-only if available in UI). (3) Change default credentials and enforce strong passwords on router admin account. (4) Isolate affected routers on segregated networks if possible. (5) Monitor for unauthorized configuration changes or signs of compromise (unusual CPU/memory usage, unexpected outbound connections). (6) Check Tenda's official advisory at https://www.tenda.com.cn or contact their support for patch ETA. (7) Consider replacement with patched firmware version or alternative router if patch is not forthcoming. Temporary mitigation: Block WAN access to port 80/443 on the router's admin interface via firewall rules.

CVE-2025-6112 vulnerability details – vuln.today

Back

Fh1205 Firmware CVE-2025-6112

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code