CVE-2025-7463

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14

Description: A critical vulnerability exists in the Tenda FH1201. The vulnerability affects the formWrlsafeset function within the /goform/AdvSetWrlsafeset file of the HTTP POST Request Handler component. Manipulation of the mit ssid argument can lead to a buffer overflow, allowing for remote exploitation. The exploit for this issue has been publicly disclosed.

Recommendations: Tenda FH1201 version 1.2.0.14: At the moment, there is no information about a newer version that contains a fix for this vulnerability.