CVE-2025-7795

Name of the Vulnerable Software and Affected Versions Tenda FH451 version 1.0.0.9

Description A critical issue exists in Tenda FH451 version 1.0.0.9 related to a stack-based buffer overflow. The vulnerability is located in the fromP2pListFilter function within the /goform/P2pListFilter file. Manipulation of the page argument can trigger the overflow, allowing for remote exploitation. The exploit for this issue has been publicly disclosed.

Recommendations Update Tenda FH451 to a version that addresses this issue. As a temporary workaround, consider restricting access to the /goform/P2pListFilter file. Avoid providing untrusted input to the page argument of the fromP2pListFilter function.