CVE-2025-7596
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-14

Last updated on: 2025-07-17

Assigner: VulDB

Description
A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been rated as critical. This issue affects the function formWifiExtraSet of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-14
Last Modified
2025-07-17
Generated
2026-05-07
AI Q&A
2025-07-14
EPSS Evaluated
2026-05-05
NVD
CVE-2025-7596
EUVD
EUVD-2025-21339
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tenda fh1205_firmware 2.0.0.7\(775\)
tenda fh1205 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7596 is a critical stack-based buffer overflow vulnerability in the Tenda FH1205 router firmware version 2.0.0.7(775). It exists in the function formWifiExtraSet, specifically in the handling of the wpapsk_crypto parameter. Improper processing of this parameter allows an attacker to cause a stack overflow, which can lead to arbitrary code execution or denial of service. The vulnerability can be exploited remotely without authentication. [1, 2]


How can this vulnerability impact me? :

This vulnerability can severely impact you by allowing remote attackers to execute arbitrary code or cause denial of service on the affected Tenda FH1205 router. It compromises the router's confidentiality, integrity, and availability, potentially leading to unauthorized control over the device or network disruption. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

No known mitigations or countermeasures have been identified for this vulnerability. It is suggested to replace the affected Tenda FH1205 device with an alternative product to avoid risk. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart