PT-2025-19945 · Tenda · Tenda Dap-1520
Duojie_0X00
·
Published
2025-05-06
·
Updated
2025-05-06
·
CVE-2025-4356
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Tenda DAP-1520 version 1.10B04 BETA02
Description
A critical vulnerability has been found, affecting the
mod graph auth uri handler function of the Authentication Handler component. This issue leads to a stack-based buffer overflow and can be initiated remotely. The exploit has been disclosed to the public.Recommendations
For Tenda DAP-1520 version 1.10B04 BETA02, consider disabling the
mod graph auth uri handler function as a temporary workaround until a patch is available. Restrict access to the Authentication Handler component to minimize the risk of exploitation.Exploit
Fix
Memory Corruption
Stack Overflow
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tenda Dap-1520