Improper Access Controls in Tenda FH1202 Router
CVE-2025-2993
Key Information:
Badges
Summary
A security flaw in the Tenda FH1202 router allows unauthorized access due to improper access controls associated with the /default.cfg file. This vulnerability can be exploited remotely, enabling attackers to manipulate sensitive configurations without proper authentication. Due to the public disclosure of this exploit, users of the affected version are encouraged to assess their security measures and address this vulnerability to prevent potential unauthorized access.
Affected Version(s)
FH1202 1.2.0.14(408)
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved