CVE-2025-15010

Name of the Vulnerable Software and Affected Versions Tenda WH450 version 1.0.0.18

Description A stack-based buffer overflow issue exists in the processing of the file /goform/SafeUrlFilter within Tenda WH450 version 1.0.0.18. Manipulation of the page argument in this file can lead to the overflow. Remote exploitation is possible, and a public exploit has been disclosed. The vulnerability is related to the SafeUrlFilter() function, where an operation exceeds the boundaries of allocated memory. Successful exploitation could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. The /goform/SafeUrlFilter API endpoint is affected.

Recommendations For Tenda WH450 version 1.0.0.18, at the moment, there is no information about a newer version that contains a fix for this vulnerability.