What is the CVSS score of CVE-2025-7548?

CVE-2025-7548 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of Fh1201 Firmware are affected by CVE-2025-7548?

A critical stack-based buffer overflow vulnerability in Tenda FH1201 wireless routers (version 1.2.0.14(408)) allows unauthenticated remote attackers to execute arbitrary code.

Is there a public PoC exploit available for CVE-2025-7548?

Yes, a public proof-of-concept exploit is available for CVE-2025-7548. Prioritise patching immediately. EPSS: 0.4%.

How to fix or mitigate CVE-2025-7548?

Within 24 hours: Inventory all Tenda FH1201 devices in your environment and isolate affected units from production networks if operationally feasible. Within 7 days: Implement network segmentation to restrict administrative access to these devices and deploy WAF/IDS signatures to detect exploitation attempts targeting /goform/SafeEmailFilter. Within 30 days: Replace vulnerable Tenda FH1201 units with patched alternatives from the vendor or substitute with equipment from vendors with active security support; monitor Tenda security advisories for patch availability.

Fh1201 Firmware CVE-2025-7548

EUVD-2025-21283 HIGH

Buffer Overflow (CWE-119)

2025-07-13 cna@vuldb.com

Buffer Overflow Fh1201 Firmware Tenda

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 16, 2026 - 09:18 euvd

EUVD-2025-21283

Analysis Generated

Mar 16, 2026 - 09:18 vuln.today

PoC Detected

Jul 15, 2025 - 18:32 vuln.today

Public exploit code

CVE Published

Jul 13, 2025 - 23:15 nvd

HIGH 8.8

DescriptionCVE.org

A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

AnalysisAI

CVE-2025-7548 is a critical stack-based buffer overflow vulnerability in Tenda FH1201 wireless router firmware version 1.2.0.14(408) affecting the SafeEmailFilter function. An authenticated remote attacker can exploit an improper bounds check on the 'page' parameter to achieve arbitrary code execution with full system privileges (confidentiality, integrity, and availability compromise). Public exploit code exists for this vulnerability, elevating real-world risk significantly.

Technical ContextAI

This vulnerability exists in the formSafeEmailFilter function within the /goform/SafeEmailFilter endpoint of Tenda FH1201 routers. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic stack-based buffer overflow triggered by insufficient input validation on the 'page' parameter. Tenda routers are embedded Linux-based networking appliances using proprietary web management interfaces; the vulnerable endpoint likely processes form data without proper length validation before copying to stack-allocated buffers. The attack surface is the unauthenticated or authenticated web management interface (typically port 80/443) present on consumer broadband routers used in homes and small offices worldwide.

RemediationAI

Immediate actions: (1) Tenda must release a patched firmware version addressing the buffer overflow in formSafeEmailFilter function—users should check tenda.com.cn or their regional Tenda support site for firmware updates and apply immediately; (2) Temporary mitigation: disable remote management access to the router's web interface (disable WAN access to port 80/443 in router settings) and restrict management interface access to trusted local networks only; (3) Change default credentials if not already changed; (4) Monitor for suspicious access patterns to /goform/SafeEmailFilter endpoint in router logs. Users should not delay patching given public exploit availability. Network administrators should prioritize Tenda FH1201 devices in patch management workflows.

CVE-2025-7548 vulnerability details – vuln.today

Back

Fh1201 Firmware CVE-2025-7548

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code