Stack-Based Buffer Overflow in Tenda FH1201 Router
CVE-2025-7550

8.8HIGH

Key Information:

Vendor

Tenda
Status
FH1201
Vendor
CVE Published:
13 July 2025

What is CVE-2025-7550?

A significant vulnerability has been identified in the Tenda FH1201 router, specifically in the function fromGstDhcpSetSer located in the /goform/GstDhcpSetSer file. This flaw is characterized by a stack-based buffer overflow resulting from improper manipulation of the argument 'dips', enabling remote exploitation. Attackers can potentially leverage this vulnerability to execute arbitrary code on the affected system, posing a severe security risk. Given that this exploit has been publicly disclosed, it is crucial for users to implement immediate mitigation strategies to safeguard their devices.

References

https://github.com/panda666-888/vuls/blob/main/tenda/fh12...
https://github.com/panda666-888/vuls/blob/main/tenda/fh12...
https://vuldb.com/?ctiid.316248

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2025-7550 : Stack-Based Buffer Overflow in Tenda FH1201 Router