CVE-2025-7793
BaseFortify
Publication date: 2025-07-18
Last updated on: 2025-07-23
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenda | fh451_firmware | 1.0.0.9 |
| tenda | fh451 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7793 is a critical stack-based buffer overflow vulnerability in the Tenda FH451 router version 1.0.0.9. It occurs in the function formWebTypeLibrary via the webSiteId parameter. By sending crafted input to this parameter, an attacker can cause a stack overflow, potentially allowing arbitrary code execution or denial of service. The vulnerability can be exploited remotely without authentication, making it highly severe. [1, 2]
How can this vulnerability impact me? :
This vulnerability can compromise the confidentiality, integrity, and availability of the affected device. An attacker can remotely exploit it to execute arbitrary code or cause the device to crash (denial of service). Since it requires no authentication and is easy to exploit, it poses a significant security risk to users of the Tenda FH451 router version 1.0.0.9. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious HTTP requests targeting the /goform/webtypelibrary endpoint with crafted webSiteId parameters that may trigger a stack-based buffer overflow. Since the exploit is publicly available and remotely executable, network intrusion detection systems (NIDS) can be configured to look for unusual or malformed requests to this path. Specific commands are not provided in the resources, but using tools like curl or wget to send crafted requests to /goform/webtypelibrary with varying webSiteId values could help detect vulnerable devices. Additionally, reviewing logs for unexpected crashes or abnormal behavior related to this endpoint may indicate exploitation attempts. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include isolating or removing the affected Tenda FH451 router version 1.0.0.9 from the network to prevent remote exploitation, as no official patches or fixes are currently available. It is recommended to replace the affected device with an alternative product. Network-level protections such as firewall rules blocking access to the /goform/webtypelibrary endpoint or filtering suspicious traffic targeting the webSiteId parameter can also help reduce risk until the device is replaced. [2]