CVE-2025-7598
published 2025-07-14CVE-2025-7598: A vulnerability classified as critical was found in Tenda AX1803 1.0.0.1. Affected by this vulnerability is the function formSetWifiMacFilterCfg of the file…
high7.4CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSANEPCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
A vulnerability classified as critical was found in Tenda AX1803 1.0.0.1. Affected by this vulnerability is the function formSetWifiMacFilterCfg of the file /goform/setWifiFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | azl3_kubernetes_1.30.10-11_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-13_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-14_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-16_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-18_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-20_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-21_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-22_on_azure_linux_3.0 | — | — |
| msrc | azl3_kubernetes_1.30.10-9_on_azure_linux_3.0 | — | — |
| msrc | cbl2_kubernetes_1.28.4-18_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kubernetes_1.28.4-19_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kubernetes_1.28.4-21_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kubernetes_1.28.4-23_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kubernetes_1.28.4-25_on_cbl_mariner_2.0 | — | — |
| tenda | ax1803 | — | — |
| tenda | ax1803_firmware | — | — |