CVE-2025-7468

Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14

Description: A critical vulnerability exists in the HTTP POST Request Handler component of the affected product. The fromSafeUrlFilter function within the /goform/fromSafeUrlFilter file is susceptible to a buffer overflow. This occurs through the manipulation of the page argument, allowing for remote exploitation. The exploit for this issue has been publicly disclosed.

Recommendations: Tenda FH1201 version 1.2.0.14: At the moment, there is no information about a newer version that contains a fix for this vulnerability.