EUVD-2025-21238

| CVE-2025-7505 HIGH
2025-07-12 [email protected]
8.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Analysis Generated
Mar 16, 2026 - 08:56 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 08:56 euvd
EUVD-2025-21238
PoC Detected
Jul 15, 2025 - 17:50 vuln.today
Public exploit code
CVE Published
Jul 12, 2025 - 23:15 nvd
HIGH 8.8

Tags

Buffer Overflow Fh451 Firmware Tenda

Description

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function frmL7ProtForm of the file /goform/L7Prot of the component HTTP POST Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Analysis

CVE-2025-7505 is a critical stack-based buffer overflow vulnerability in Tenda FH451 v1.0.0.9 affecting the HTTP POST request handler's L7 protocol filter functionality. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'page' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code has been disclosed and the vulnerability meets CISA KEV criteria for active exploitation risk.

Technical Context

The vulnerability exists in the frmL7ProtForm function within the /goform/L7Prot HTTP endpoint of Tenda FH451 router firmware. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), specifically a stack-based buffer overflow. The vulnerable parameter 'page' lacks proper bounds checking, allowing an attacker to write beyond allocated stack memory. This affects the HTTP POST request handler component responsible for Layer 7 (application-layer) protocol filtering configuration. The CPE for this product is likely cpe:2.3:o:tenda:fh451_firmware:1.0.0.9. Tenda FH451 is a common residential WiFi router, making this a widespread exposure risk across consumer networks.

Affected Products

Tenda FH451 (['1.0.0.9'])

Remediation

Apply latest firmware update from Tenda. Check Tenda support portal (support.tenda.com.cn or regional equivalent) for FH451 firmware versions >1.0.0.9. Verify update addresses CVE-2025-7505 in release notes. Access Control: Restrict access to the /goform/L7Prot endpoint using firewall rules. Disable remote management interfaces if not required. Implement strong authentication for router admin access to prevent credential-based attacks. Network Segmentation: Isolate router management interfaces on a separate VLAN or network segment. Monitor for suspicious POST requests to /goform/L7Prot endpoint. Monitoring: Enable router access logs (if available). Monitor for exploitation attempts via malformed 'page' parameter values in HTTP POST requests to L7Prot endpoint. Workaround: Until patch is available, disable L7 protocol filtering feature if operationally acceptable, or restrict administrator access to trusted IPs only.

Priority Score

64
Low Medium High Critical
KEV: 0
EPSS: +0.2
CVSS: +44
POC: +20

Share

EUVD-2025-21238 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy