Tenda FH451 PPTPUserSetting fromPptpUserSetting stack-based overflow

July 18, 2025 invoker category_cve

CVE Details

Basic Information

Title Tenda FH451 PPTPUserSetting fromPptpUserSetting stack-based overflow
Type cve
Published 2025-07-18T19:32:08.275Z
Modified 2025-07-18T19:32:08.275Z

Product Information

Vendor Tenda
Product FH451
Version 1.0.0.9

CVSS Information

Base Score 8.7 (HIGH)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

AI Analysis

AI Description A critical stack-based buffer overflow vulnerability exists in Tenda FH451 1.0.0.0, allowing remote attackers to potentially execute arbitrary code via the delno argument in PPTPUserSetting.
AI Severity High
AI Vendor Tenda
AI Product FH451
AI Version 1.0.0.9

Affected Products

  • Tenda FH451 1.0.0.9

Additional Information

CWE List CWE-121, CWE-119
Source VulDB

Description

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.