CVE-2025-7792
BaseFortify
Publication date: 2025-07-18
Last updated on: 2025-07-23
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | fh451_firmware | 1.0.0.9 |
| tenda | fh451 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7792 is a critical stack-based buffer overflow vulnerability in the Tenda FH451 router firmware version 1.0.0.9. It exists in the function formSafeEmailFilter, specifically triggered by manipulating the 'page' parameter. This improper handling allows an attacker to cause a stack overflow, which can lead to arbitrary code execution or denial of service. The vulnerability can be exploited remotely without authentication. [1, 2]
How can this vulnerability impact me? :
This vulnerability can severely impact you by allowing a remote attacker to execute arbitrary code or cause a denial of service on the affected Tenda FH451 router. This compromises the confidentiality, integrity, and availability of the device, potentially disrupting network operations and exposing the network to further attacks. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be performed by monitoring for HTTP requests targeting the /goform/SafeEmailFilter endpoint with suspicious or unusually long 'page' parameter values that could trigger the stack-based buffer overflow. Using network traffic analysis tools like Wireshark or tcpdump to filter for such requests may help. Additionally, reviewing logs for unexpected crashes or abnormal behavior of the Tenda FH451 router firmware version 1.0.0.9 could indicate exploitation attempts. Specific commands might include: 1) Using curl or wget to test the endpoint with crafted 'page' parameters to verify vulnerability presence; 2) tcpdump command to capture traffic: tcpdump -i <interface> 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' and then filtering for /goform/SafeEmailFilter requests; 3) grep or log analysis commands to find suspicious entries in router logs. However, no official detection scripts or signatures are provided. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Discontinuing use of the affected Tenda FH451 router firmware version 1.0.0.9, as no known mitigations or patches are available; 2) Replacing the affected device with an alternative product to avoid risk; 3) Restricting network access to the router's management interface to trusted hosts only, minimizing exposure to remote exploitation; 4) Monitoring network traffic for exploitation attempts and applying network-level protections such as firewall rules to block suspicious requests targeting /goform/SafeEmailFilter. Since the vulnerability can be exploited remotely without authentication and no patches exist, device replacement is strongly recommended. [2]