CVE-2025-7528
BaseFortify
Publication date: 2025-07-13
Last updated on: 2025-07-16
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | fh1202_firmware | 1.2.0.14\(408\) |
| tenda | fh1202 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7528 is a critical stack-based buffer overflow vulnerability in the Tenda FH1202 router firmware version 1.2.0.14(408). It occurs in the function fromGstDhcpSetSer via the manipulation of the "dips" parameter. This improper handling allows an attacker to overflow the stack buffer, potentially leading to arbitrary code execution or denial of service. The vulnerability can be exploited remotely without authentication and has a low attack complexity. [1, 2]
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to severe impacts including arbitrary code execution, which allows an attacker to run malicious code on the affected device, or denial of service, which can disrupt the availability of the router. This compromises the confidentiality, integrity, and availability of the device and the network it supports. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for requests to the endpoint /goform/GstDhcpSetSer with suspicious or crafted 'dips' parameter values that may trigger the stack-based buffer overflow. Network intrusion detection systems (NIDS) can be configured to alert on HTTP POST or GET requests targeting /goform/GstDhcpSetSer. Specific commands depend on your environment, but for example, using curl to test the endpoint with crafted input or using network traffic analysis tools to detect unusual requests to this path can help. However, no specific detection commands or signatures are provided in the available resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Tenda FH1202 router firmware version 1.2.0.14(408) with a non-vulnerable version or an alternative product, as no known countermeasures or patches are currently available. Additionally, restricting remote access to the router's management interface and blocking access to the /goform/GstDhcpSetSer endpoint via firewall rules can reduce exposure. Monitoring for exploit attempts and isolating affected devices from untrusted networks are also recommended. [2]