Tenda FH451 qossetting fromqossetting stack-based overflow

July 19, 2025 invoker category_cve

CVE Details

Basic Information

Title Tenda FH451 qossetting fromqossetting stack-based overflow
Type cve
Published 2025-07-19T21:02:09.313Z
Modified 2025-07-19T21:02:09.313Z

Product Information

Vendor Tenda
Product FH451
Version 1.0.0.9

CVSS Information

Base Score 8.7 (HIGH)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X

AI Analysis

AI Description A critical vulnerability in Tenda FH451 1.0.0.9 allows remote attackers to cause a stack-based buffer overflow via the ‘page’ argument in the qossetting function, leading to potential system compromise.
AI Severity Critical
AI Vendor Tenda
AI Product Tenda FH451
AI Version 1.0.0.9

Affected Products

  • Tenda FH451 1.0.0.9

Additional Information

CWE List CWE-121, CWE-119
Source VulDB

Description

A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be launched remotely.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.