CVE-2025-15007

Name of the Vulnerable Software and Affected Versions Tenda WH450 version 1.0.0.18

Description A security issue exists in Tenda WH450 version 1.0.0.18 related to a stack-based buffer overflow. The issue is located within the HTTP Request Handler component, specifically in the file /goform/L7Im. Manipulation of the page argument can trigger the overflow, allowing for remote exploitation. Public exploit code is available.

Recommendations Restrict access to the HTTP Request Handler component. Disable the functionality associated with the /goform/L7Im file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.