PT-2025-30075 · Tenda · Tenda Fh451

Panda_0X1

Published

2025-07-15

Updated

2025-08-19

CVE-2025-7795

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Tenda FH451 version 1.0.0.9

Description A critical issue exists in Tenda FH451 version 1.0.0.9 related to a stack-based buffer overflow. The vulnerability is located in the fromP2pListFilter function within the /goform/P2pListFilter file. Manipulation of the page argument can trigger the overflow, allowing for remote exploitation. The exploit for this issue has been publicly disclosed.

Recommendations Update Tenda FH451 to a version that addresses this issue. As a temporary workaround, consider restricting access to the /goform/P2pListFilter file. Avoid providing untrusted input to the page argument of the fromP2pListFilter function.

Exploit

Fix

DoS

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-119

Related Identifiers

BDU:2025-08931

CVE-2025-7795

Affected Products

Tenda Fh451

PT-2025-30075 · Tenda · Tenda Fh451

CVE-2025-7795

Weakness Enumeration

Related Identifiers

Affected Products

References · 16