EUVD-2025-18378

| CVE-2025-6113 HIGH
2025-06-16 [email protected]
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 14, 2026 - 21:59 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 21:59 euvd
EUVD-2025-18378
PoC Detected
Jun 17, 2025 - 19:38 vuln.today
Public exploit code
CVE Published
Jun 16, 2025 - 08:15 nvd
HIGH 8.8

Tags

Buffer Overflow Fh1203 Firmware Tenda

Description

A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. Affected is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

Critical remote buffer overflow vulnerability in Tenda FH1203 firmware version 2.0.1.6 affecting the /goform/AdvSetLanip endpoint. An authenticated attacker can exploit improper input validation of the lanMask parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability). A public proof-of-concept exploit exists, indicating active disclosure and potential real-world exploitation risk.

Technical Context

The vulnerability exists in the fromadvsetlanip function within the Tenda FH1203 router's web administration interface. Tenda FH1203 is a residential WLAN router running proprietary firmware. The vulnerability is classified as CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic stack-based buffer overflow caused by insufficient bounds checking on the lanMask parameter. The affected endpoint /goform/AdvSetLanip handles LAN IP configuration requests and fails to validate the length of user-supplied input before copying it into a fixed-size buffer. This allows an authenticated attacker to overwrite adjacent stack memory, potentially hijacking control flow to execute arbitrary code with router privileges. CPE identifier: cpe:2.3:o:tenda:fh1203_firmware:2.0.1.6:*:*:*:*:*:*:*

Affected Products

FH1203 (['2.0.1.6'])

Remediation

Immediate actions: (1) Check for available firmware updates from Tenda's official support website or admin interface (Settings > System Tools > Firmware Upgrade). (2) If patched firmware is available for FH1203, upgrade immediately. (3) Temporary workarounds while awaiting patch: disable remote management access, restrict web interface access to trusted networks only via firewall rules, change default credentials to strong unique passwords, monitor router logs for suspicious /goform/AdvSetLanip requests. (4) Consider network segmentation to isolate router management traffic. (5) Monitor Tenda's security advisories at tenda.com.cn or regional support sites for patch availability. Without access to specific vendor advisory links in provided references, recommend checking Tenda support directly and security databases (NVD, Exploit-DB) for patch version information once released.

Priority Score

64
Low Medium High Critical
KEV: 0
EPSS: +0.2
CVSS: +44
POC: +20

Share

EUVD-2025-18378 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy