CVE-2025-4355

Name of the Vulnerable Software and Affected Versions Tenda DAP-1520 version 1.10B04 BETA02

Description A critical issue has been found, affecting the set ws action function of the /dws/api/ file, leading to a heap-based buffer overflow. This can be initiated remotely.

Recommendations For Tenda DAP-1520 version 1.10B04 BETA02, as a temporary workaround, consider disabling the set ws action function until a patch is available. Restrict access to the /dws/api/ endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.