PT-2025-52600 · Tenda · Tenda Wh450
Z472421519
·
Published
2025-12-21
·
Updated
2025-12-30
·
CVE-2025-15007
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Tenda WH450 version 1.0.0.18
Description
A security issue exists in Tenda WH450 version 1.0.0.18 related to a stack-based buffer overflow. The issue is located within the HTTP Request Handler component, specifically in the file
/goform/L7Im. Manipulation of the page argument can trigger the overflow, allowing for remote exploitation. Public exploit code is available.Recommendations
Restrict access to the HTTP Request Handler component.
Disable the functionality associated with the
/goform/L7Im file.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Buffer Overflow
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tenda Wh450