Stack-Based Buffer Overflow in Tenda FH1201 Router
CVE-2025-7551

8.8HIGH

Key Information:

Vendor

Tenda
Status
FH1201
Vendor
CVE Published:
14 July 2025

What is CVE-2025-7551?

A stack-based buffer overflow vulnerability was identified in the Tenda FH1201 router, specifically in the function fromPptpUserAdd within the /goform/PPTPDClient file. This flaw arises from improper handling of the modino/username argument, which allows attackers to exploit the vulnerability remotely. The exploit has been publicly disclosed, raising significant security concerns for users of this router model.

References

https://github.com/panda666-888/vuls/blob/main/tenda/fh12...
https://github.com/panda666-888/vuls/blob/main/tenda/fh12...
https://vuldb.com/?ctiid.316249

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.
CVE-2025-7551 : Stack-Based Buffer Overflow in Tenda FH1201 Router